Can I reconfigure DirectAdmin

[jim.thornton]

I just went through a pretty serious attack against 'admin'. This is the main user account that my vps provider created when installing DirectAdmin.

Is there a way that:

1. I can change the name of the main user so that 'admin' doesn't exist. It is just too easy to start attacking admin in my opinion.

2. Can I change the length of the usernames that will be accepted by DA. I would like it to make it so that it will accept up to 16 characters (or so).

 

[jlandes]

I can answer your first question because I renamed my admin account whenever I setup my server. Here's how to do it:

Login to your server as the root user using SSH and type the following:

# cd /usr/local/directadmin/scripts
# ./change_username.sh admin newuser

Note: Replace 'newuser' with the username you'd like to use for the new account.

Next, edit the server’s SSH configuration file:

# nano -w /etc/ssh/sshd_config

Find the line:

AllowUsers admin

Change it to:

AllowUsers newuser

Save the file and exit nano. Then restart the SSH service:

# service sshd restart

Next, edit the DirectAdmin list of allowed admins file:

# nano -w /usr/local/directadmin/data/admin/admin.list

Change the line with the admin username to the new username for the admin account. Then, save the file and exit nano.

I would recommend bringing up another SSH session to make sure you can login successfully with this account before closing out your existing SSH connection.

 

[jlandes]

One other thing, if you get email at [email protected], you'll want to setup an alias for admin and have it point to [email protected]. If I remember correctly, it changes the username of the main e-mail account too. If that is the case with you, let me know and I'll give you directions on how to setup the forwarder and such. Thanks.

 

[jim.thornton]

I ran the script and it broke my installation.

First it "stuck" on the mysql step, and just kept going ". . . . . . " and so on. So, I hit ^C and it stopped. Then I check to see if the username was changed in # cat /etc/passwd and it showed the new username.

So... I exited SSH and now I can't get back in.

 

[jim.thornton]

I ran the script and it broke my installation.

First it "stuck" on the mysql step, and just kept going ". . . . . . " and so on. So, I hit ^C and it stopped. Then I check to see if the username was changed in # cat /etc/passwd and it showed the new username.

So... I exited SSH and now I can't get back in.

Okay... I got back in but can you (or someone else) please give me the steps that the script made because I need to back track and see what it did and didn't change. Because my system is acting weird now.

 

[pucky]

You probably shouldnt have hti CTL-C. That was a bad move. How can anyone here help you? Pretty impossible to tell what has been changed without seeing the server. You should contact DA or get somebody who has knowledge to look at your server.

 

[jim.thornton]

Hind sight is 20/20

No... I realize that it was stupid, but I'm still in a tight spot here.

I guess really what I'm looking for is for someone to tell me what steps that script takes and I can go in and manually make the changes step by step. That way, I can see what was changed and what wasn't.

 

[jim.thornton]

Can't add domain to admin user level

Okay... I've tried adding a domain to the user level of the admin account and I'm getting an error. I assume that it is caused from the script that I aborted.

Here is what i'm getting:

Error Creating Domain

Details


Unable to create directory /home/admin/domains/newdomain.com,
A directory component in /home/admin/domains/newdomain.com does not exist or is a dangling symbolic link

Error creating /home/admin/domains/newdomain.com/public_html
A directory component in /home/admin/domains/newdomain.com/public_html does not exist or is a dangling symbolic link

Error creating /home/admin/domains/newdomain.com/public_html/cgi-bin
A directory component in /home/admin/domains/newdomain.com/public_html/cgi-bin does not exist or is a dangling symbolic link

Error creating /home/admin/domains/newdomain.com/public_html/cgi-bin/.htaccess
Unable to open /home/admin/domains/newdomain.com/public_html/cgi-bin/.htaccess for writing

Unable to create directory /home/admin/domains/newdomain.com/public_ftp,
A directory component in /home/admin/domains/newdomain.com/public_ftp does not exist or is a dangling symbolic link

Unable to create directory /home/admin/domains/newdomain.com/public_ftp/incoming,
A directory component in /home/admin/domains/newdomain.com/public_ftp/incoming does not exist or is a dangling symbolic link

When I re-created admin user after aborting the script, I didn't know what to set the user privileges as. What should I set them to?

 

[jlandes]

I suggest you contact DirectAdmin. They may be able to help you. I can't tell you what has and hasn't changed on your system. Sorry!

 

[jim.thornton]

I suggest you contact DirectAdmin. They may be able to help you. I can't tell you what has and hasn't changed on your system. Sorry!

Everything seems to be fine. I created an 'admin' user again in the CLI with useradd, and then I went into DA and created a new Administrator. Once that was done, I deleted the Admin user and it seems to be working fine.

Thanks for your help though.