Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How to prevent general users from logging into VestaCP
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How to prevent general users from logging into VestaCP

ironhideironhide Member

I know it's not a vesta forum, however I am posting here hoping that someone can help regarding this. I have installed vesta in one of my VPSs and I am creating users and DBs via their API. Now I just need to prevent these users from logging into Vesta panel. Which means only super admin can log in, no body else can :)

Any hints? Tips?

otherwise I'd have to modify the source which I don't want to do :(

Comments

  • I don't know of a way to do that natively in vestaCP itself, as i think it would assume if you add a user to it, you're expecting that user to utilize the panel. Maybe you could restrict the web interface itself with an .htaccess file to only allow yours or whoever will be the superuser IP address?

    Thanked by 1ironhide
  • but, +1 internet points for use of vestaCP and its API :D

    Thanked by 1ironhide
  • Yeah, it's really cool. Specially Vesta's command line tools are mind blowing awesome. I like the smooth automation it gives me. The only point where I am stuck is preventing these users from logging into Vesta :)

  • jarjar Patron Provider, Top Host, Veteran
    edited May 2014

    /usr/local/vesta/conf/nginx.conf

    Under the vhost that listens on port 8083, you can choose how you want to protect the virtual host.

    Want to create a general password that is required to even access the login page? Use this:

    auth_basic "Error Message Here";

    auth_basic_user_file /path/to/passwd/file;

    Or perhaps limit access by IP?

    allow ip.address.here;

    deny all;

    Just pop one of these in the vhost configuration. You can use the link below to generate a password file.

    http://aspirine.org/htpasswd_en.html

    Thanked by 2ironhide PremiumN
  • cassacassa Member
    edited May 2014

    I think there is no other way then this:

    Create a database for your website

    User fills in the form -> Userdata is stored in the database you created -> Auto create user with random account on vestacp using api -> store random password in db you created

    When a user want's to create a database:

    User fills in login/create form -> Db you created: select random vestacp password and use api to create database

  • jarland said: /usr/local/vesta/conf/nginx.conf

    Thanks jarland, that could be one way of doing it. Much appreciated

Sign In or Register to comment.