Create new WHM admin?
hello
i want to create a new admin user for WHM other than root to disable direct root login, but the KB provided to create a user without a domain has a clear warning :
We strongly recommend that you do not use this method to create administrative user accounts. This method can cause problems with your server configuration.
what to do ? can i follow it ? can i use an account with a domain ( i own all the domains ) ?! if yes would this present a new security risk ?!
How to Create a WHM Reseller Without An Associated Domain - cPanel Knowledge Base - cPanel Documentation
-
I probably would not do this just for the sole purpose of denying root access. If you are the only one who is accessing WHM you could close the ports in the firewall and just whitelist yours. 0 -
I probably would not do this just for the sole purpose of denying root access. If you are the only one who is accessing WHM you could close the ports in the firewall and just whitelist yours.
i have change the default port of ssh, denying everything except my public static ip in access host control .. is this enough ?0 -
if you are denying access to 2086/2087 in hosts then yes that is adequate. 0 -
if you are denying access to 2086/2087 in hosts then yes that is adequate.
what do you mean ? in access host control you control which service is allowed or denied for an ip or subnet0 -
Ok, yes, if you restrict access to whostmgrd to just your IP then you are fine. 0 -
Hello @chanklish, Using WHM >> Host Access Control to limit access to the whostmgrd service to your own IP address is a better approach. Keep in mind you'll to connect over SSH to modify the IP address added in the /etc/hosts.allow file anytime your IP address changes. As far as overall security, the following document is a good place to start: Recommended Security Settings - cPanel Knowledge Base - cPanel Documentation Thank you. 0
Please sign in to leave a comment.
Comments
6 comments