Delete original admin account?

Z

zakazak

Verified User
Joined
Dec 20, 2018
Messages
55
For security reasons I want to get rid of the standard / original user "admin".
Is it safe to:
  1. Create new user "admin2"
  2. Move all users from "admin" to "admin2"
  3. Delete admin
I already moved all users from admin to admin2 and in the list of "Administrators" it says that "admin" still uses 70GB disk space (although there aren't any backups or similar in /home/admin/).
Also I had to re-create the cronjob for the Admin-Backup since this was in "possession" of user "admin" and would also store the backups in /home/admin/ which would be deleted once deleting "admin".
Any other things I have to pay attention to when deleting admin?

Thanks!
 
zakazak said:
For security reasons I want to get rid of the standard / original user "admin".
Click to expand...
We already using this for more than 16 years without issue, there is no security issue to it. If you don't want to use it, just create a new admin with another username and use that and set an impossible password for the main admin.
We also have a couple of admin accounts where the main admin account is hardly or not used on some servers.

However, if you still want to do what you want, doublecheck this thread:

Change Default Admin Username

Hi all - first post! I'm taking my first crack at managing my own VPS, and so far things are going well. Fixed a few quirks already so I'm feeling more confident :). Anyway, to the question. I chose to have a personal license so I'm limited to only one Directadmin account (fine for my...
forum.directadmin.com forum.directadmin.com
use at own risk ofcourse.
 
Richard G said:
We already using this for more than 16 years without issue, there is no security issue to it. If you don't want to use it, just create a new admin with another username and use that and set an impossible password for the main admin.
We also have a couple of admin accounts where the main admin account is hardly or not used on some servers.

However, if you still want to do what you want, doublecheck this thread:

Change Default Admin Username

Hi all - first post! I'm taking my first crack at managing my own VPS, and so far things are going well. Fixed a few quirks already so I'm feeling more confident :). Anyway, to the question. I chose to have a personal license so I'm limited to only one Directadmin account (fine for my...
forum.directadmin.com forum.directadmin.com
use at own risk ofcourse.
Click to expand...

With impossible password you mean a very long/difficult password? If so, ofcourse I am doing that already with all my DA passwords.

Regarding security: it just gives one less option of becoming a potential issue. One more obstacle in bruteforcing it.

So possible ways are to re-name admin or to create a new admin, move everything to the new admin, delete old admin.

I will wait if anyone can contribute here from experience what works best :)
 
zakazak said:
So possible ways are to re-name admin or to create a new admin, move everything to the new admin, delete old admin.
Click to expand...

The both are possible. Actually there is no need to complicate simple things. It does not matter which way you choose. While you have a working administrator account all is fine. The difference is whether you feel good to use CLI/SSH, that's it.

So you might use the link, Richard has provided. Or just choose the way to create/delete accounts.
 
zEitEr said:
The both are possible. Actually there is no need to complicate simple things. It does not matter which way you choose. While you have a working administrator account all is fine. The difference is whether you feel good to use CLI/SSH, that's it.

So you might use the link, Richard has provided. Or just choose the way to create/delete accounts.
Click to expand...

Thanks, that gives confidence! :)

So there is no application / service / plugin in DA that might go weird because a generic "admin" account name is missing?
I also thought about first trying to suspend "admin" to play is safe. That didn't cause any noticable errors.
In the worst case scenario I could always re-create an admin account named "admin" to fix issues?
 
zakazak said:
So there is no application / service / plugin in DA that might go weird because a generic "admin" account name is missing?
Click to expand...

You are the only boss on your server. And even if I don't recall any plugin using "admin" it does not necessary mean you don't use any of the like.

If you use custom made scripts, hooks or plugins they might be hardcoded to use the "admin" account. And we can not predict how would they work if you delete the account.

Plugins which I'm aware of, or which I'm using and/or writing are not hardcoded to use the "admin" account, but they rather find an administrator account from DirectAdmin API or directly from files.

So, if we talk about the default installation with no custom plugins with no custom hooks, it is safe to delete/rename the "admin" account. Otherwise you might take a risk.
 
zEitEr said:
You are the only boss on your server. And even if I don't recall any plugin using "admin" it does not necessary mean you don't use any of the like.

If you use custom made scripts, hooks or plugins they might be hardcoded to use the "admin" account. And we can not predict how would they work if you delete the account.

Plugins which I'm aware of, or which I'm using and/or writing are not hardcoded to use the "admin" account, but they rather find an administrator account from DirectAdmin API or directly from files.

So, if we talk about the default installation with no custom plugins with no custom hooks, it is safe to delete/rename the "admin" account. Otherwise you might take a risk.
Click to expand...

Thanks for your feedback! I just deleted user "admin" and the server hasn't started to smoke or burn yet :)
 
zakazak said:
Thanks for your feedback! I just deleted user "admin" and the server hasn't started to smoke or burn yet :)
Click to expand...

Give it time. A long uncrackable password along with fail2ban would have been better.
 
floyd said:
Give it time. A long uncrackable password along with fail2ban would have been better.
Click to expand...
Have you ever had any troubles by deleting "admin"?

Of course I am using a very long password as well as bruteforce protection.
 
zakazak said:
Have you ever had any troubles by deleting "admin"?

Of course I am using a very long password as well as bruteforce protection.
Click to expand...

I have never deleted admin because we were warned against it by JBMC.
 
You must log in or register to reply here.
Back
Top