Hi, i’m just starting to learn Cyberpanel and already managed to install it.
May i know, how to change ‘admin’ username to something else?
Don’t u think it’s a bad practice to force us to use ‘admin’ for main superadmin login?
And, is there any suggestions to increase the security of our main login page? (https://xxxxxx:8090)
Do not change this user, it is better you can create another user with admin ACL.
That lowers the security even more. Leaving an “admin” users is like leaving port 22 open. And kiddy script is going to try that username (and “root”) first and brute for the password. I love litespeed and I love cyberpanel. Even moreso than cPanel, Webmin/Virtualmin, etc. But this relaxed attitude towards security (for example no 2FA) is nearly a deal breaker. I understand you request we help, and I’m happy to try, but I guess I’m just a little shocked the ONLY thing protecting ALL of my sites is a single password.
Agreed! We need 2FA.
Bump. +1
Type your comment> @Cocchini_Corp said:
That lowers the security even more. Leaving an “admin” users is like leaving port 22 open.
+1. It’s worse than leaving port 22.
it will be a problem. so please create another userid
While you can’t prevent brute force attempts in CP’s firewall settings, In CSF you can limit brute force attacks to a specific port(s). Add port 8090 and 7080 if you wish to prevent brute force attempts to those ports.
Type your comment> @themew said:
While you can’t prevent brute force attempts in CP’s firewall settings, In CSF you can limit brute force attacks to a specific port(s). Add port 8090 and 7080 if you wish to prevent brute force attempts to those ports.
Did you try?
How CSF will know if it was a BF attempt?
You specify the number of times the port can be accessed in succession. You can also specify the ban time or permanent ban of the offending IP.
Type your comment> @themew said:
You specify the number of times the port can be accessed in succession. You can also specify the ban time or permanent ban of the offending IP.
Which setting is this? Portflood, connlimit? Do you know that BF is usually done from many different IPs?
CSF will ban whichever IPs are used in the attack for whatever amount of time you specify (hourly or permanently).
Rather than type a full CSF tutorial, there are dozens of great writeups online explaining how to set up CSF to mitigate various attacks. There are several settings that need to be activated as well as ports specified to effectively use CSF which does a great job protecting CyberPanel.
Type your comment> @themew said:
CSF will ban whichever IPs are used in the attack for whatever amount of time you specify (hourly or permanently).
Rather than type a full CSF tutorial, there are dozens of great writeups online explaining how to set up CSF to mitigate various attacks. There are several settings that need to be activated as well as ports specified to effectively use CSF which does a great job protecting CyberPanel.
That’s a bit of work writing a tutorial for a few settings to be activated, I understand… I also understand that you were writing pure nonsense before, because port monitoring has nothing to do with blocking login attempts. I can hold F5 when accessing cpanel.on:8090 and I will be blocked? What are you talking about?? What about logged in users, what if their F5 key stuck while being log in??
@fan CSF would have to parse url /verifyLogin and monitor hits from each IP not the login page so refreshes won’t count. However atm cyberpanel is returning 200 even for failed attempts which may cause false blocks. So if that is switched to 401 and considering all requests are logged CSF can be easily integrated.
Type your comment> @jetchirag said:
@fan CSF would have to parse url /verifyLogin and monitor hits from each IP not the login page so refreshes won’t count. However atm cyberpanel is returning 200 even for failed attempts which may cause false blocks. So if that is switched to 401 and considering all requests are logged CSF can be easily integrated.
That talk is closer to reality.
hi , i’m one of covid 19 survival and new cyberpanel user ; i would like to tell u that now there’s a 2FA
Here is the solution to change the default CyberPanel accounts username.
[Which should always and must be the default action after deploying a CyberPanel instance for minimum security]
After first time login to CyberPanel using the admin username, create a new admin user account with a username of your choosing and security set to high.
Now logout and login using this newly created account.
Then access cyberpanel database through PHPMYAdmin, and find the loginSystem_administrator table.
There you simply click edit on that row with id 1 and username admin, and change the admin username to any arbitrary username to help mitigate brute force attempts [you never should need this username to login again].
Once username has been modified to anything else but admin, just click go and logout.
Now you should be able to login to CyberPanel using this new username, if ever needed [but you should never use this system admin account with ID 1 to login through cyberpanel ever again]
should you loose access to the cyberpanel, forgetting the username, you can always just get the list of users to reveal usernames or create a new admin user using the CyberPanel CLI commands through SSH terminal access as listed here
like so, to list users:
cyberpanel listUsers
and like so to create an admin user:
cyberpanel createUser --firstName Cyber --lastName Panel --email [email protected] --userName cyberpanel --password securepassword --websitesLimit 10 --selectedACL user --securityLevel HIGH
Final words:
Of course go ahead and turn on the new awesome 2FA on all users, to further increase security.
And I know it’s tempting to to just delete or suspend the default ‘admin’ user with ID 1 in the database, but trust me that will likely create a bunch of other issues as that ID is attached to a lot of website instance permissions, and will likely break your websites.
