Change the initial settings for aaPanel

by Daniel Pham
Published: Updated:

After you have installed aaPanel, you need to change the initial settings for aaPanel. Why do you need to do this?

The reason is not because aaPanel is insecure. But because they are commonly used tools, the default settings can be dangerous. For example, aaPanel uses the default port 8888. This can be known to hackers or people who want to sabotage. And they can rely on it to find ways to exploit your server.

Change the initial settings for aaPanel

In the admin window of aaPanel, click on the Settings menu on the left. The option setting window will appear as shown below.

Change the initial settings for aaPanel
Settings window of aaPanel.

Now, please change the following settings one by one.

Alias

Please change the aaPanel Linux panel to the domain you want to use for the panel. For example, I will change it to aapanel.devopslite.com

Panel port

Click the Modify button and change the default port 8888 to any port greater than 1024. For example, I will change it to port 9999. After entering the new port number and checking I already understand, click Confirm and you’re done.

Change the initial settings for aaPanel
Select I already understand when setting up panel ports.

At this point, the panel window will reload itself with the new port number 9999. Note that you need to open the firewall to allow access to port 9999 (or the port you want to use) before you choose to change. Because, if you don’t have a firewall, after changing the port, you will no longer be able to access the panel.

Security Entrance

You can keep this part the same or change it as you like. This is the security URI part of aaPanel. You can only log in to the panel when you know this URI part. For example, I will change it to /urllogin to make it easier to remember. But it is recommended that if you change, choose a random string of characters.

Change the initial settings for aaPanel
Change security entrance for aaPanel.

BasicAuth

This is one of the important settings that you should not ignore. This setting allows for an additional layer of authentication before you can log in to the panel.

At the BasicAuth setup line, click the Set button. A confirmation window will appear, select it as shown below and click confirm.

Change the initial settings for aaPanel
Confirm BasicAuth enabled in aaPanel.

Next, a window will appear for you to enter your BasicAuth account. There are 3 lines here:

  • Service status: Select On to activate this service.
  • User name: Enter the username you want to use. For example, I enter phamdung.
  • Password: Enter the password you want to use.
Change the initial settings for aaPanel
Enter the BasicAuth account for aaPanel.

Please note to change the username and password you want to use. And you should choose an account with a slightly more difficult level instead of choosing something like: admin/admin123.

After you click Save, the panel window will automatically reload and display the BasicAuth window as shown below. You must enter the account you just created above to continue using the panel.

Change the initial settings for aaPanel
Login to aaPanel with BasicAuth account.

Notification

Note: To use the email notification section, your server needs to allow connection to mail service ports such as 25, 465, 587.

This section allows you to set up an email account to send and receive notifications from the panel. Notifications can be such as: someone just logged into your panel, the panel is overloaded or the panel is having problems,…

Click the Set button to start setting up this item. A window appears as shown below. You will see 2 parts:

  • Recipient: This is the email account that will receive notifications. You can add more than 1 account if you want.
  • Sender: This is the email account that the panel will use to send notifications.
Change the initial settings for aaPanel
Set up Notification for aaPanel.
Set up Recipient

Click the Add recipient button to add an email account to receive notifications. Then, enter your email address in the box and click the Create button.

Change the initial settings for aaPanel
Create recipient for Notification in aaPanel.
Change the initial settings for aaPanel
Results of creating recipient Notification in aaPanel.
Set up Sender

Note: to be able to use Gmail. You need to enable the Less secure app access function.

Next, to set up the sender, click the Sender settings button. A window will appear as shown below.

Change the initial settings for aaPanel
Set up sender for Notification in aaPanel.

In this window, you will set the following lines:

  • Sender email: This is the email address you use to send notifications. In case you use Gmail, you can enter your address for example [email protected].
  • smtp password: This is the password for the email address you just entered above.
  • smtp server: In the example, I entered my mail server address. If you use Gmail, you can enter smtp.gmail.com.
  • smtp port: This is the connection port to the smtp server. You can use port 465 or 587, it is not recommended to use port 25.

After filling out, click the Save button to save.

Login panel alert

You can only activate this setting after you have set up Notification above. This setting will alert you via email when anyone logs into the panel.

Panel user

Click Modify to change the original username information. A new window appears, enter the new username you want to use.

Change the initial settings for aaPanel
Change aaPanel admin user.

It is recommended here that you can use the Random button to generate a username that is a random string.

Panel password

Similarly for users, you can also click the Modify button to change the panel administration password. And the recommendation here is also that you should use the Random button to generate a random password.

Change the initial settings for aaPanel
Change aaPanel admin password.

You can save users and passwords to password management tools like Lastpass or Keepass for safety without having to remember what the random string is.

Conclusion

After you change all the settings above, scroll down to the bottom of the Settings window and click the Save button to save them all.

And now, try logging out and then logging back into the panel to see how it goes. You can rest assured that your aaPanel server is even more secure now that the default settings have been changed. In the next article, I will guide you to use the domain for aaPanel.

0 0 votes
Article Rating

You may also like

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

DevOps Lite is a personal blog specializing in technology with main topics about DevOps, DevSecOps, SRE and System Administrator. Articles are shared for free and contributed to the community.

SUPPORT US

FOLLOW US

Subscribe my Newsletter for new blog posts. Stay updated from your inbox!

© 2021-2024 DevOpsLite.com – All rights reserved.

Please write sources “DevOpsLite.com” when using articles from this website.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

2
0
Would love your thoughts, please comment.x
()
x

Adblock Detected

Please support us by disabling your AdBlocker extension from your browsers for our website.