Admin

Reseller Permissions

What resellers can and cannot do in the Opterius Panel.

Last updated 1775606400

Resellers access the same Panel URL as admins but see a reduced Server Mode. The Panel enforces their permissions at both the UI and API level — hidden navigation items are not just hidden, they are inaccessible even via direct URL or API call.

What Resellers Can Do

Account management:

  • Create hosting accounts (within their resource limits)
  • Suspend and unsuspend their own accounts
  • Delete their own accounts
  • Reset account passwords

Package management:

  • Create packages for use by their own accounts
  • Edit and delete their own packages

DNS:

  • Manage DNS records for domains belonging to their accounts
  • View zone files for their accounts

Reseller-level settings:

  • Update their own profile (name, password, email)
  • Configure white-label branding for their own Panel instance (if white-label is enabled for them)
  • View their own resource usage summary

What Resellers Cannot Do

Server-level access — not available to resellers:

Area Reason
Servers Adding/removing managed servers is an admin-only operation
Services Starting/stopping nginx, MariaDB, etc. affects all users
License License management is the hosting provider's concern
PHP Versions System-wide PHP version installation is server-level
Email Settings (system-wide) Postfix/Dovecot configuration affects all accounts
Security Settings Panel-wide 2FA and IP restrictions are admin-controlled
Monitoring (server-level) Full server resource charts are admin-only
Other resellers' accounts A reseller can only see accounts they created
Admin accounts Resellers cannot view, create, or modify admin users

Sidebar Differences

The reseller sidebar shows:

  • Dashboard (reseller summary — their account totals and usage)
  • Accounts
  • Packages
  • DNS
  • Profile

The admin sidebar additionally shows: Servers, Services, Monitoring, IPs, Resellers, Settings (full), License.

Enforcement

Permission checks happen in the Panel's middleware layer before any controller code executes. There is no way for a reseller to access admin-only functionality through the UI or API, regardless of URL manipulation.

A reseller cannot escalate their own privileges. Privilege changes must be made by an admin in Server Mode → Resellers → [reseller] → Edit.

Related

Previous
← Creating a Reseller Account
Next
Reseller Account Limits →