Results 1 to 15 of 15
  1. #1
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    884

    CPanel Root Login

    Hi,
    Is it possible to disable direct root login on Cpanel servers?

    if yes, please how.

    If not, what would be the best to do to secure 'root' account.

    Thanks,
    s-f-r-j
    HostingFields - Managed Web Hosting - sales@hostingfields.com
    Affordable Shared Web Hosting, Semi Dedicated Servers & Dedicated Servers
    https://www.hostingfields.com

  2. #2
    Join Date
    Jan 2007
    Location
    /dev/null
    Posts
    3,700
    Give it a password none will ever crack, something random like
    xVNky4z%D]s@en7cF!.g

  3. #3
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    884
    Quote Originally Posted by Rob B View Post
    Give it a password none will ever crack, something random like
    xVNky4z%D]s@en7cF!.g
    OKay cool..

    Ill use the one you provided ... thanks!!!

    My IP is ...

    Thanks,
    s-f-r-j
    HostingFields - Managed Web Hosting - sales@hostingfields.com
    Affordable Shared Web Hosting, Semi Dedicated Servers & Dedicated Servers
    https://www.hostingfields.com

  4. #4
    Join Date
    Mar 2009
    Location
    Houston, TX
    Posts
    666
    Quote Originally Posted by Rob B View Post
    Give it a password none will ever crack, something random like
    xVNky4z%D]s@en7cF!.g
    It's always crackable.

  5. #5
    Join Date
    Mar 2008
    Posts
    30
    Are you referring to WHM login or SSH? For SSH disable password auth and use keys. For WHM you could restrict IP access to the server in the security settings inside the control panel.

  6. #6
    Join Date
    Feb 2009
    Location
    United States
    Posts
    379
    UAW-Qv(~&5dU8jk¬TNHpHwjV_TJNdcRD
    Nz@Kr~:,nG7XJ&<9hGX{yp8rOuJ2[f¬F
    )-JMj0;6>HYFbt8j586w35igzVDz`suF
    (*Rm-xY_vOwmwi6eg.c.xPKSGe=MT+AZ
    csd-<B56HL%q~AmXJwdTz/109,%W>M£]
    }cA2bK%$Ukr.l7-Cj21Xx*7XqTNKO5Qh
    BR+.P£>-l+k{QJ.6Cerj5kA]UGq£=[9>
    uul1[wj@GJa8^U#}R=Nrf`vlrw:,sy>n
    %hr.£YxSa?s%?¬YgjbiVefit_}M.oxAW
    k&UJJA9`0.sYF]{F,Bv<hRv*UfMqj[*f
    Victor Lugo
    Systems Administrator

  7. #7
    Quote Originally Posted by txitcs View Post
    It's always crackable.
    5 failed login attempts, ZAP, cPanel brute force detected. ZAP ZAP. Banned.

    Attacker: "Haha, they think they are sweet thinking they can ban my IP address for brute forcing. To bad I have 5 more!!!"

    ZAP...ZAP...ZAP...ZAP...ZAP...

    Good day.

    Use a password similar to the one mentioned, and you can consider your self "safe"

  8. #8
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    884
    Quote Originally Posted by wepinto View Post
    For WHM you could restrict IP access to the server in the security settings inside the control panel.
    Where exactly is this if you don't mind sharing.

    Thanks,
    s-f-r-j
    HostingFields - Managed Web Hosting - sales@hostingfields.com
    Affordable Shared Web Hosting, Semi Dedicated Servers & Dedicated Servers
    https://www.hostingfields.com

  9. #9
    You can also restrict root access by entering into the ssh configuration file

    /etc/ssh/sshd_config
    and change PermitRootLogin to "No"

    Then restart ssh service by
    /etc/init.d/sshd restart

  10. #10
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    884
    Quote Originally Posted by sysgallery View Post
    You can also restrict root access by entering into the ssh configuration file

    /etc/ssh/sshd_config
    and change PermitRootLogin to "No"

    Then restart ssh service by
    /etc/init.d/sshd restart
    Will this affect WHM login?

    Thanks,
    s-f-r-j
    HostingFields - Managed Web Hosting - sales@hostingfields.com
    Affordable Shared Web Hosting, Semi Dedicated Servers & Dedicated Servers
    https://www.hostingfields.com

  11. #11
    I am sure, it will not effect your WHM root login

  12. #12
    Join Date
    Mar 2008
    Posts
    30
    Quote Originally Posted by s-f-r-j View Post
    Where exactly is this if you don't mind sharing.

    Thanks,
    s-f-r-j
    Main >> Security >> Security Center >> Host Access Control

  13. #13
    Join Date
    Jul 2005
    Location
    New Jersey, US
    Posts
    1,597
    You should also use a firewall like CSF to monitor logins to other ports that the cpanel brute force detector doesn't monitor.
    PlatinumServerManagement (also known as PSM)
    The OLDEST and LARGEST and MOST TRUSTED server management provider in the USA, with 15+ employees and growing!
    Providing quality support for OVER 21 years! Currently supporting over 3,000+ servers monthly!

    www.PlatinumServerManagement.com Proud member of the NJ BBB & Chamber of Commerce & Authorized cPanel Partner.

  14. #14
    Join Date
    Nov 2005
    Posts
    54
    If you're getting brute forced via SSH just change your SSH port in /etc/ssh/sshd_config

  15. #15
    Join Date
    Oct 2007
    Location
    Colombia
    Posts
    69
    For deny root access (directly) to your SSH server PermitRootLogin into sshd_config will work fine. But you need to create a user and put it to your wheel group (you may use WHM to do that) and when you want to login to root you need to login first to your unpriv user and leter use the command "su". If you want to restric access from root to your WHM you may close the port 2086 (TCP) for all and only open it for your IP address or your VPN IP address. Another importan thing is that you need to delete or comment some redirects in your httpd.conf:

    RewriteCond %{HTTP_HOST} ^whm\.
    RewriteRule ^/(.*) http://127.0.0.1:2086/$1 [P]

    If you don't do that, other people can connect to WHM using http://whm.domain.com

    Hope this helps you...
    Jose David Bravo | jbravo[at]colombiahosting.com.co
    ColombiaHosting High Quality Hosting in Colombia
    www.colombiahosting.com.co

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •