Using an alternative account to 'root' on WHM VPS

Steve Soady
Follow
Most servers connected to the internet are constantly subjected to both automated and manual attempts to gain unauthorised access to them. This is an unfortunate reality of internet connectivity today.

To minimise the chances of your WHM VPS being compromised by brute-force attempts to gain root access, we recommend using an alternative account to 'root' for administrative access.

An administrative(root level) account can be created by following these steps.


  • Login to WHM as root
  • Select "Create a New Account" under "Account Functions"
    1. Enter domain as "unused.yourdomain.com"
    2. Enter a username. e.g. "vpsmngr"
    3. Enter a new, strong password 

    4. Enter an email address only you have access to e.g. "vpsadmin@mydomain.com"

    5. Under Package, use the defaults - unlimited everything is fine.
    6. Under Reseller, check both boxes
    7. Click Create
  • Select "Reseller Center" under "Resellers"
    1. Under "Reseller Modifications" make sure the new "vpsmngr" account is selected.
    2. Click "Edit Privileges/Nameservers"
    3. At the bottom of the page under "Root Access", tick "All Features"
    4. Click "Save all Settings"
  • Select "Manage Wheel Group Users" under "Security Center".
    1. Select user "vpsmngr" from the list.
    2. Click "Add to Group"

  • Login to VPS via SSH as root, then give vpsmngr user account sudo access:

    usermod -aG admin vpsmngr
    •      
  • Edit the sshd_config file to disallow root logins via SSH and restart the SSH daemon
    sed -i 's/^PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
    •         
  • Restart the SSH daemon to effect the changes
    test -e /etc/init.d/sshd && /etc/init.d/sshd restart
    •    
    You should now be able to log into your VPS via SSH with the vpsmngr user account instead of the root account.

    Have more questions? Submit a request

    Comments

    Powered by Zendesk