Tags
|
|
|
Disable direct root login
|
Do you know that allowing the root user to login directly is a major security issuse? I’ll show you how to disable it so you can still login as root but not just directly, reducing the security issuse.
This will force a hacker to have to guess to seprate passwords to gain root access.(it is because you have 2 seprate password for your admin and root , is’nt right?)
What happens is you’ll first need to login as your admin user in SSH, then switch to the super user with the su command to get
|
What are the different methods to login to WHM
|
You can login to the WHM using any of the following URLs, followed by a username/password authentication
The username is 'root' for the server administrator.
* http://yourserverIPaddress/whm
* http://yourserverIPaddress:2086
* http://yourservername(or_yourdomain_name)/whm
* http://yourservername(or_yourdomain_name):2086
You can also use SSL(https) to login to WHM
* https://yourserverIPaddress:2087
* https://yourservername(or_yourdomain_name):2087
Note: domain name can be a
|
E-mail Alert on Root SSH Login
|
E-mail Alert on Root SSH Login
Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you’re dealing with the super user account. We recommend that you use an email address not hosted on the server your sending the alert from.
So lets get started!
1. Login to your server and su to root, I know the irony!
|
Alert when an login is done to SSH server
|
For added security, I modified the .bashrc profile for any users that may have shell access, and added the following, so that when the user logs in, it sends out an email, letting you know that someone has logged in.
Code: echo ‘ALERT – Root Shell Access (YourserverName) on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” you@yourdomain.com
Of course, you need to modify the (Yourservername) and you@yourdomain.com part.
This little code get
|