chanklish

Well-Known Member
May 22, 2015
77
0
56
kinshasa
cPanel Access Level
Root Administrator
hello
i want to create a new admin user for WHM other than root to disable direct root login , but the KB provided to create a user without a domain has a clear warning :
We strongly recommend that you do not use this method to create administrative user accounts. This method can cause problems with your server configuration.

what to do ? can i follow it ? can i use an account with a domain ( i own all the domains ) ?! if yes would this present a new security risk ?!

How to Create a WHM Reseller Without An Associated Domain - cPanel Knowledge Base - cPanel Documentation
 

GOT

Get Proactive!
PartnerNOC
Apr 8, 2003
1,739
305
363
Chesapeake, VA
cPanel Access Level
DataCenter Provider
I probably would not do this just for the sole purpose of denying root access.

If you are the only one who is accessing WHM you could close the ports in the firewall and just whitelist yours.
 

chanklish

Well-Known Member
May 22, 2015
77
0
56
kinshasa
cPanel Access Level
Root Administrator
I probably would not do this just for the sole purpose of denying root access.

If you are the only one who is accessing WHM you could close the ports in the firewall and just whitelist yours.
i have change the default port of ssh , denying everything except my public static ip in access host control .. is this enough ?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,910
2,213
363
Hello @chanklish,

Using WHM >> Host Access Control to limit access to the whostmgrd service to your own IP address is a better approach. Keep in mind you'll to connect over SSH to modify the IP address added in the /etc/hosts.allow file anytime your IP address changes.

As far as overall security, the following document is a good place to start:

Recommended Security Settings - cPanel Knowledge Base - cPanel Documentation

Thank you.