How to rename admin user in vastacp?

September 3, 2015 2k views
Control Panels Security

Good security practices in Quaker computer system and never use the names of User standards, I think a no size absurd vestacp start with admin and not have option in your GUI to change the User name root named by default: admin, failure ravissima abrindor pro bruteforce doors. how to get around this situation? protect my good diretrivas ssh server in the conf file from the server ... I want to know whether we can change vestaCP door and even use a failban style tool to enhance security at the entrance to my server through the control panel vestaCP

1 comment
  • Good security practices in the Quaker computer system and never use the user's patterns of names, I think a no nonsense size vestacp start with admin and has no option in your GUI to change the user name root called by default: admin, grave failure opening opportunities for bruteforce. how to get around this? protect my good diretrivas ssh server in the conf file from the server ... I wonder if we can change vestaCP door and even use a failban styling tool to increase security at the entrance to my server via the control panel vestaCP

6 Answers

@herculesnetwork - I'm with you :). I honestly feel that something as basic as allowing users to change the username should be a standard feature; for the sake of security, and for the sake of customization. Due to limitations (with most all control panels), that's one reason I prefer to make heavy use of the CLI, Bash Scripting and custom commands/aliases over installing a control panel. The only time I'd personally use a CP is if it has the option to shut down when not in use (i.e. I can enable/disable from the CLI - use it while I need it to make life easier, then disable when I'm done so there's no potential for abuse - thus blocking access completely).

I've actually been working on my own solution for a little while now. It's far from complete, and it needs to be cleaned up, though once it's in a state where I feel it can be easily used by others, and I'm confident that security isn't an issue, I'll be pushing the code to Github as an OS project.

@herculesnetwork - There's an ongoing request with, at the time of this response, 14 votes, to allow users to change the "admin" username, though it's not been finalized. As of right now, from what I've read, changing "admin" would require numerous changes elsewhere (inside the core of the software), thus, there's not a quick-fix.

You can check out the request at the link below. If this is something you're in support of, create an account and submit a vote so they know.

As for installing Fail2Ban, there's a quick guide below:

  • I have been working with connection via ssh and particularly administer via
    command line my server, but in a situation where you have to use the control
    panels for some people less technical, and protects the faiban
    connection via ssh, mail server etc .. but I can not see how to protect via Control Panel
    ... How vestacp .. what I thought was an application that would allow
    us to limit the number of login attempts via vestacp. but through login
    ssh for linux terminal, already use the failban use to the safety of the ssh server .. but with the use of Vesta .. I see a flaw in my system and I'm
    almost abandoning the use of it by the inflexibility of protecting the
    login screen! Is there any style app failban application to protect your
    login control panel against brute force?
    VestaCP is a large control panel, lightweight, straight-forward, there was no need to be voted to ask something as elementary as relative safety rename the default User admin

I use control panel just because email assign dkim, which in line commando found it very exhausting. as bash scripting? I can create databases and users accounts, permissions on files and directories, make all the strong security ssh server using RSA keys, disabling root access by specifying the User that can access, config knocking and all for line command the archives settings only by nano or came to install my CMS, I have no difficulty, but the issue of dkim key, I gave up in time to make via manual settings. control panel which I could turn off completely when not in use?

started using control panels because of the signatures of emails, do not have conditions to do a thousand things to sign new face email account ... and we panels just one click

Have another answer? Share your knowledge.