To minimise the chances of your WHM VPS being compromised by brute-force attempts to gain root access, we recommend using an alternative account to 'root' for administrative access.
An administrative (root-level) account can be created by following these steps.
- Enter domain as "unused.yourdomain.com"
- Enter a username, e.g. "vpsmngr"
- Enter a new, strong password
- Enter an email address only you have access to, e.g. "vpsadmin@mydomain.com"
- Under Package, use the defaults - unlimited everything is fine.
- Under Reseller, check both boxes
- Click Create
- Under "Reseller Modifications" make sure the new "vpsmngr" account is selected.
- Click "Edit Privileges/Nameservers"
- At the bottom of the page under "Root Access", tick "All Features"
- Click "Save all Settings"
- Select user "vpsmngr" from the list.
- Click "Add to Group"
Log in to the VPS via SSH as root, then give the vpsmngr user account sudo access, disable root login over SSH and restart sshd:
usermod -aG admin vpsmngr
sed -i 's/^PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
test -e /etc/init.d/sshd && /etc/init.d/sshd restart
You should now be able to log into your VPS via SSH with the vpsmngr user account instead of the root account.
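The sed command above only changes a line that reads exactly "PermitRootLogin yes"; a commented-out default or a value such as "without-password" is left as it was. The following is an added example, not part of the original article, that sets the directive whatever its current state and checks the result; the function names are hypothetical and the sample file in the demo is constructed.

```shell
#!/bin/sh
# Added example. Both functions take the sshd_config path as $1.

# Succeeds only if at least one active PermitRootLogin line exists and
# every active one (global or inside a Match block) is set to "no".
root_login_disabled() {
    awk 'tolower($1) == "permitrootlogin" { n++; if (tolower($2) != "no") bad++ }
         END { if (n > 0 && bad == 0) exit 0; exit 1 }' "$1"
}

# Forces PermitRootLogin to "no", keeping a backup at <file>.bak.
disable_root_login() {
    cfg=$1
    tmp=$(mktemp) || return 1
    # Rewrite every active directive, whatever its current value.
    awk 'tolower($1) == "permitrootlogin" { print "PermitRootLogin no"; next }
         { print }' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    # No active directive (for example only "#PermitRootLogin yes"): add one
    # at the top of the file so it sits before any Match block.
    if ! root_login_disabled "$tmp"; then
        { echo "PermitRootLogin no"; cat "$tmp"; } > "$tmp.new" && mv "$tmp.new" "$tmp"
    fi
    # Write through the existing file so its owner and mode are kept.
    cp -p "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg"
    rm -f "$tmp"
    root_login_disabled "$cfg"
}

# Demo on a constructed sample file: sh thisfile --demo
if [ "${1:-}" = "--demo" ]; then
    sample=$(mktemp)
    printf '#PermitRootLogin yes\nPort 22\n' > "$sample"   # constructed input
    root_login_disabled "$sample" || echo "before: root login not disabled"
    disable_root_login "$sample" && echo "after: root login disabled"
    cat "$sample"; rm -f "$sample" "$sample.bak"
fi
```

On the VPS, run "sshd -t" to validate the edited file before restarting sshd, and keep the root session open until a login as vpsmngr with working sudo has been confirmed.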