maritimer Posted February 23, 2012 Share Posted February 23, 2012 Been away from the scene a few years. Just recently leased a new cPanel server, solely for hosting shared cPanel accounts and those of my design clients. How do you generally setup the server, do you root/password or hash, or a combination of both? Got myself a little confused here and also a little worried about putting root server access info in whmcs. I generally create cPanel accounts in root WHM. Advice would be appreciated as I get my head around the brain fog from being away a few years! I am not interested in automatically activating an account when a client has paid, I prefer the manual option so that I can review it first. 0 Quote Link to comment Share on other sites More sharing options...
Roger Posted February 23, 2012 Share Posted February 23, 2012 (edited) Most importantly, if you can afford it. Get your WHMCS install off the client server. Use another server, VPS, Cloud VPS. Root access has to be entered in WHMCS or it can't do it's job properly. I too used the manually activate after confirmed payment. 1. Change the default ssh port 22 to something else. 2. Change your default root password to something that is super-strong. 3. HASH is best for shell access. But can be a pain in the rump. 4. Don't recall if WHMCS will use HASH or not. I've always used a super-strong password. 5. Install CSF (free) and learn to use it. 6. Install WHMXtra. Not free but monthly leases for less than $10.00 are common. Learn to use it. Use common sense and think out fully any thing you do to your servers. Anything. I just exited the hosting business after a few years. Others can give you their advice. You've impressed some of us already by being honest and asking good questions. Welcome back to the show and good luck. -Roger Edited February 23, 2012 by Roger 0 Quote Link to comment Share on other sites More sharing options...
maritimer Posted February 23, 2012 Author Share Posted February 23, 2012 Hello Roger, Thanks for the info. WHMCS is indeed on a different server which is solely running the billing script and company domain. I have the root password as a mixed 20 character password. The same for the whmc/administrator password. Root is disabled in ssh. I have it set up to access root through an su account. The ssh port has also been changed. I was more focused on the "connection" between whmcs and whm. From my understanding then, don't bother with then access hash option, go for the username/password in server setup? 0 Quote Link to comment Share on other sites More sharing options...
laszlof Posted February 23, 2012 Share Posted February 23, 2012 I think Roger is confusing ssh keys with access hashes. They are completely different. The access hash is generated by WHM under the "Cluster Configuration". It is ONLY used for accessing WHM via the API. I'm not sure where you got the idea that the access hash would not be the best option. Using the access hash rather than the password limits the scope of an attack should someone gain access to your WHMCS installation. The access hash can only be used to execute commands in WHM via the API. It cannot be used to "login" to the server in any way. I would advise against placing a root password in WHMCS. While you can use the most secure password you can think of, the encryption on said password in the WHMCS database is 2 way, meaning it can easily be decrypted by someone who knows what they're doing if they compromise your server. Also, you do not HAVE to use a root account in WHMCS. You can use a high level reseller and it will accomplish basically the same thing. However, if you have done all that was previously stated, you probably do not need to worry. Go ahead and use the "root" login with the access hash generated by WHM. 0 Quote Link to comment Share on other sites More sharing options...
othellotech Posted February 24, 2012 Share Posted February 24, 2012 I just exited the hosting business after a few years Wow - congrats 0 Quote Link to comment Share on other sites More sharing options...
Roger Posted February 24, 2012 Share Posted February 24, 2012 Wow - congrats lol.... Getting too old for all the excitement Hoping to leave my network admin position soon and retire for good. @maritimer - you're welcome. At least some of the info was good. @laszlof - yes, I was confusing the two. But I'm an old fart and I'm allowed to do that. lol.... I got 18 grandkids.... of course I'm confused... -Roger 0 Quote Link to comment Share on other sites More sharing options...
laszlof Posted February 24, 2012 Share Posted February 24, 2012 @laszlof - yes, I was confusing the two. But I'm an old fart and I'm allowed to do that. lol.... I got 18 grandkids.... of course I'm confused... -Roger Time to trade in sysadmin hat for a walker, and increase all font sizes to 24. 0 Quote Link to comment Share on other sites More sharing options...
Roger Posted February 24, 2012 Share Posted February 24, 2012 Not that old... but trading it in to go fishing is about right. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.