New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How to prevent general users from logging into VestaCP
I know it's not a vesta forum, however I am posting here hoping that someone can help regarding this. I have installed vesta in one of my VPSs and I am creating users and DBs via their API. Now I just need to prevent these users from logging into Vesta panel. Which means only super admin can log in, no body else can
Any hints? Tips?
otherwise I'd have to modify the source which I don't want to do
Comments
I don't know of a way to do that natively in vestaCP itself, as i think it would assume if you add a user to it, you're expecting that user to utilize the panel. Maybe you could restrict the web interface itself with an .htaccess file to only allow yours or whoever will be the superuser IP address?
but, +1 internet points for use of vestaCP and its API
Yeah, it's really cool. Specially Vesta's command line tools are mind blowing awesome. I like the smooth automation it gives me. The only point where I am stuck is preventing these users from logging into Vesta
/usr/local/vesta/conf/nginx.conf
Under the vhost that listens on port 8083, you can choose how you want to protect the virtual host.
Want to create a general password that is required to even access the login page? Use this:
auth_basic "Error Message Here";
auth_basic_user_file /path/to/passwd/file;
Or perhaps limit access by IP?
allow ip.address.here;
deny all;
Just pop one of these in the vhost configuration. You can use the link below to generate a password file.
http://aspirine.org/htpasswd_en.html
I think there is no other way then this:
Create a database for your website
User fills in the form -> Userdata is stored in the database you created -> Auto create user with random account on vestacp using api -> store random password in db you created
When a user want's to create a database:
User fills in login/create form -> Db you created: select random vestacp password and use api to create database
Thanks jarland, that could be one way of doing it. Much appreciated