How do I secure my WHM account
I have secured ssh access to my web server so that an encryption key must be passed to validate access. But anyone who knows the password on the root account can log in to WHM.
Bear in mind that I am coming from a quarter century of experience with Debian, where a hacker must know both my username and my password to get into the system. With RHEL systems the root shell is always available so all a hacker needs to do is guess the password.
How do I secure WHM so that the user needs to know the public key to access services, considering that one of the services provided by WHM is a root shell.
-
Hey there! There isn't a way to use a key-based system for WHM access, but we do have a 2FA option to increase the security of that login page. More details on that can be found here: https://docs.cpanel.net/whm/security-center/two-factor-authentication-for-whm/
0
Please sign in to leave a comment.
Comments
1 comment