freelance84 Posted October 7, 2011 Share Posted October 7, 2011 Totally new to controlling my server (installed yesterday). One of the first security issues I was made aware of was ensuring that the root login was disabled through the sshd_config file which it now is. However, i have come from a shared hosting environment with the use of cPanel, as a result i have opted to start with using Webmin and the command line through Putty until i find my feet (I'm new to linux too). The issue: Root login via the command line is disabled, however this only disabled via a ssh connection like Putty, NOT via a http connection like webmin, thus I can still login as root via Webmin. Is there around this? Or am i to trust that a bruce force attack on my server through webmin will fail with a 'lock out' after multiple login attempts? Quote Link to comment https://forums.phpfreaks.com/topic/248613-webmin-root-security/ Share on other sites More sharing options...
AyKay47 Posted October 7, 2011 Share Posted October 7, 2011 I assume that you used the DenyUsers option for this.. or perhaps the PermitRootLogin option? these should both work.. and perhaps should be used together Quote Link to comment https://forums.phpfreaks.com/topic/248613-webmin-root-security/#findComment-1276756 Share on other sites More sharing options...
freelance84 Posted October 8, 2011 Author Share Posted October 8, 2011 I set the permitrootlogin to no in the sshd_login file but not the deny users. I'll check on Monday cheers. Quote Link to comment https://forums.phpfreaks.com/topic/248613-webmin-root-security/#findComment-1277260 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.