We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Change Default Admin User
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Change Default Admin User
Hi all,
I was wondering, if I have a fairly matured VestaCP running around 5-6 domains already, is there a failsafe way to Change the Default "ADMIN" username to something else?
from Security standpoint as well as personalization, it is important. But please advise what's the best of way to do it, so that file permissions or site setup doesn't break!
I was wondering, if I have a fairly matured VestaCP running around 5-6 domains already, is there a failsafe way to Change the Default "ADMIN" username to something else?
from Security standpoint as well as personalization, it is important. But please advise what's the best of way to do it, so that file permissions or site setup doesn't break!
Re: Change Default Admin User
mehargags wrote:Hi all,
I was wondering, if I have a fairly matured VestaCP running around 5-6 domains already, is there a failsafe way to Change the Default "ADMIN" username to something else?
from Security standpoint as well as personalization, it is important. But please advise what's the best of way to do it, so that file permissions or site setup doesn't break!
Not unless you plan to edit almost every file of Vesta CP.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Change Default Admin User
This is a potential threat to default VestaCP installs. Devs and other Non-Experienced in Security would normally install VestaCP and start using it in its default state!
if the default port 8083 and Default Username admin is known to an attacker, all he needs to crack is the "password". Its just like a fresh linux install with Root SSH enabled!
I request the VESTA CP team to look into this matter asap.
the best way forward is to rather PROMPT a default admin username while installing VestaCP. This way is easiest. Than said, can I edit the default install script to implement this ?
if the default port 8083 and Default Username admin is known to an attacker, all he needs to crack is the "password". Its just like a fresh linux install with Root SSH enabled!
I request the VESTA CP team to look into this matter asap.
the best way forward is to rather PROMPT a default admin username while installing VestaCP. This way is easiest. Than said, can I edit the default install script to implement this ?
Re: Change Default Admin User
Just add request on https://bugs.vestacp.com/mehargags wrote:I request the VESTA CP team to look into this matter asap.
Re: Change Default Admin User
This suggestion already exist in our bug tracking system
https://bugs.vestacp.com/responses/chan ... n-username
https://bugs.vestacp.com/responses/chan ... n-username
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Change Default Admin User
Thanks Imperio
I understand.. you may mark this thread closed!
I understand.. you may mark this thread closed!
Re: Change Default Admin User
I sugest to set a crazy safe password then, like with all in it like:
will the panel accept 20 chars and all umlauts and so ?
Code: Select all
Löz$UjVidRy33[m6A7f&