server logins best practices

maestroc

• June 14, 2025 16:37

By default when you set up a WHM/cpanel server you log into the web interface with root.  What is the best way to secure a new server without needing to log in to WHM as root?  I'd prefer to remove root access except from the console.  In other words, do most people make a second user with sudo access but if so can that sudo account log into WHM?

• 

  Andrew

  • June 16, 2025 06:30

  You can't remove root access. Turn on 2FA auth and use SSH keys to login via SSH as root.

  Andrew N. - cPanel Plesk VMWare Certified Professional
  Do you need immediate assistance? 20 minutes response time!* Open a ticket
  EmergencySupport - Professional Server Management and One-time Services

  0
• 

  cPRex Jurassic Moderator

  • June 16, 2025 14:08

  I would say that most people don't make a separate user.  If you did make a reseller account with full permissions, it's still technically a root-level user so there isn't much difference.

  0

Please sign in to leave a comment.