The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Questions about my root access as well as other security advisor warnings.

Discussion in 'Security' started by durangod, Jul 20, 2014.

  1. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    So im setting up my VPS, my first time ever.


    1. i just spent all this time setting up putty and doing private keys and learning how to do all that including editing files and such via command line.

    And now the security advisor tells me i should change

    Code:
    #PermitRootLogin yes  
    to no to cut off ssh root login.

    that dont make sense to me unless i can get a command line from inside WHM but still i just did all this and now i have to shut it down so i cant even get in to root ssh.

    or am i misunderstanding this, the root is in the wheel, is that the difference, i can still get in ssh right?


    also do i need to uncomment that line

    Code:
    PermitRootLogin no       <like that>
    

    2. Apache vhosts are not segmented or chroot()ed.
    Enable “Jail Apache” in the “Tweak Settings” area

    the problem is when i go there it is subdued and i cant click on anything for jail apache, it wont let me, its like the config is disabled.

    3. suEXEC is disabled.

    but when i go to the link it says:

    so im guessing i should just ignore that one.


    thanks
     
  2. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    interesting

    \\v-nessa.net/2014/02/19/cpanel-security-advisor-dont-take-it-to-heart
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  4. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    thanks infopro, really appreciate that man.. :) i am also almost done with this too a few more min to go... great video.. good to see my coding skills will come in hand both on the investigative and dev side too. Good to see that overlap cause i been feeling like a fish out of water for a week now..

    GREAT video im so thankful they made this mod security video. There should be many more like this...

    /http://www.youtube.com/watch?v=qn3FeXq5frg
    Openwest 2014 - Jason Wood - Defending Against Web App Attacks Using ModSecurity
     
  5. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    info pro my dear fast driver friend lol... If you had picked up on this it would have saved me so much time.. Im not saying you goofed cause its hard to read between the lines and honestly i should have spelled out what i was trying to say exactly.

    What i was trying to say with this is why am i creating another user only to shut it down.

    That is when i wish you would have picked up on the fact that "why are you creating the key in the whm " sir, lmao... im a goof and like i said you didnt do anything wrong, i just wish you could have picked up on what i was doing and told me to go to cpanel for the key.

    to help others if your making a new user to replace your root login, read this

    http://forums.cpanel.net/f185/added-new-user-but-cant-get-into-ssh-them-420501.html
     
  6. SS-Maddy

    SS-Maddy Well-Known Member

    Joined:
    Mar 28, 2009
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello

    While disabling ssh root login, make sure to create an SSH user and add the user to wheel group. Otherwise, you will not be able to switch to the root account. SSH root access has more advantages than WHM root access. For security purposes, it is always better to change the default SSH port to a custom one.
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    IMHO, sometimes feeding the answer is not as helpful as pointing to docs, or actually letting you get in there and do it, and learn that way.

    If you like videos to learn with, we've got those too!
    cPanel Videos
    In Under 2 Minutes - cPanel How To Videos - cPanelTV
     
Loading...

Share This Page