Originally Posted by djtremors
Authentication files are stored together in /home/admispconfig/ispconfig/web/ispc.awstats/.htpasswd as well as the websites home directory. ONLY the domains allowed users can access their own sites so there's no cross site security issues there.
Log in stats of your site and change url in browser
So what do you thing about crossite security now?