Centova Technologies Forum

Centova Cast v3 => Feature requests => Topic started by: isaacl on February 25, 2016, 10:57:57 am

Title: Split Up Admin and User Logins
Post by: isaacl on February 25, 2016, 10:57:57 am: Any way to split up the admin and user panels and logins, so that they run on separate ports, and can be restricted separately (similar to how cPanel has the WHM and cPanel logins on separate ports)?
Thanks.
Title: Re: Split Up Admin and User Logins
Post by: Stream101 on March 02, 2016, 05:00:23 am: Why would this be beneficial? Just curious? In the end, all the database entries are the same with Centova and I'd imagine it would be a massive split.
Title: Re: Split Up Admin and User Logins
Post by: isaacl on March 07, 2016, 10:32:05 pm: If the login pages are on separate ports, the admin and user login pages can be locked down separately, with separate settings and access for each.
And it wouldn't require any splitting on the backend, just restricting users to log in on one port, and admins on another.
Title: Re: Split Up Admin and User Logins
Post by: scysys on March 13, 2016, 08:13:39 am: All you need is just an good password. Anthing else is too much for centova panel.
Title: Re: Split Up Admin and User Logins
Post by: isaacl on March 16, 2016, 02:46:37 pm: That's what they all say... Until something gets hacked, or someone's password is compromised, etc.
Title: Re: Split Up Admin and User Logins
Post by: Roger on March 16, 2016, 06:58:59 pm: Quote from: isaacl on March 16, 2016, 02:46:37 pm
That's what they all say... Until something gets hacked, or someone's password is compromised, etc.

How exactly would this feature help if a password is stolen?
Title: Re: Split Up Admin and User Logins
Post by: LawsHosting on March 20, 2016, 02:55:53 am: Maybe 2FA would help in this case.
Title: Re: Split Up Admin and User Logins
Post by: isaacl on March 20, 2016, 10:35:29 pm: Quote from: Roger on March 16, 2016, 06:58:59 pm
How exactly would this feature help if a password is stolen?

Quite simple, since the port can be locked down so the port isn't publicly accessible, and only specific source IPs/dynamic DNS hostnames (I use CSF) can access that port, no one else can get to the admin part, even if they have your password.
I do that with cPanel, where port 2087 isn't accessible to anyone but me, and haven't had any issues.
Title: Re: Split Up Admin and User Logins
Post by: isaacl on March 20, 2016, 10:36:05 pm: Quote from: LawsHosting on March 20, 2016, 02:55:53 am
Maybe 2FA would help in this case.

That would help as well, but I rather not even let others access my admin port to begin with.
Title: Re: Split Up Admin and User Logins
Post by: Centova Technologies on March 29, 2016, 04:40:06 pm: Respectfully, this is a bit of a silly request. Using a separate port for the admin interface adds nothing in terms of security.

If you want to limit admin access by IP, you can do that by editing the nginx configuration in /usr/local/centovacast/etc and restricting access to /admin/ by IP address (or by any other mechanism you deem appropriate). For this to be useful you'd also need to block access to the API (/api.php) which also accepts the admin credentials.