We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Install with custom admin username
Install with custom admin username
I've been looking for progress on the topic of being able to change the username for the main admin account. I've noticed the link to the issue in the bug tracker (as seen in this forum thread) is no longer working.
Perhaps the install script would be the easiest way to incorporate a custom admin username. The same way the password is set, the username can be set.
When I go to log on via SSH to admin@, there's always a ton of failed login attempts. This is a big security flaw as the only thing a hacker needs to figure out is the password alone. The password will give them root access to the server as admin is given sudo privileges. We need to make being able to change the main admin account's username, or install with a custom username, a priority.
If I can help in any way, I would be glad to.
Perhaps the install script would be the easiest way to incorporate a custom admin username. The same way the password is set, the username can be set.
When I go to log on via SSH to admin@, there's always a ton of failed login attempts. This is a big security flaw as the only thing a hacker needs to figure out is the password alone. The password will give them root access to the server as admin is given sudo privileges. We need to make being able to change the main admin account's username, or install with a custom username, a priority.
If I can help in any way, I would be glad to.
Last edited by hdavis84 on Sat Sep 09, 2017 7:53 am, edited 1 time in total.
Re: Install with custom admin username
New Issue:
https://bugs.vestacp.com/issues/584
Enhancement Suggestion - Set Admin username via install script:
https://bugs.vestacp.com/issues/585
https://bugs.vestacp.com/issues/584
Enhancement Suggestion - Set Admin username via install script:
https://bugs.vestacp.com/issues/585
Re: Install with custom admin username
Current suggestion to everyone is to create a user account to use for all your main websites, including the primary domain. You can then set the admin account to allow no ssh login.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Install with custom admin username
Yes the admin username should be selectable, not hardcoded. I was one of the first users to open this feature request.
Anyhow as other suggested workarounds, also you can
1. block your VestaCP port 8083 and only allow certain IPs (you can use Dynamic IP also)
2. change Default VestaCP port to something else (obfuscate)
Anyhow as other suggested workarounds, also you can
1. block your VestaCP port 8083 and only allow certain IPs (you can use Dynamic IP also)
2. change Default VestaCP port to something else (obfuscate)
Re: Install with custom admin username
Yeah, but it's hardcoded for now ;-(
Yet another option - use additional basic authorizaition in vesta-nginx:
Yet another option - use additional basic authorizaition in vesta-nginx:
Code: Select all
auth_basic "Restricted";
auth_basic_user_file /usr/local/vesta/nginx/conf/.htpasswd;