Hi,
I have installed CyberPanel + LiteSpeed Web Server via an image on a VPS (Google Cloud). I have performed the updates and basic security configurations.
However, I am facing a problem due to my lack of skills in this area and I hope you can enlighten me.
To ensure the server's security, I subscribed to an Immunify360 license. The issue is that I realize there are several non-system users (or rather no configuration...). Currently, I am the only one using the server and I am hosting only one website.
I use an SSH connection via Google Cloud for terminal commands (user account automatically configured by Google).
The administrator username for CyberPanel is "litespeed webadmin". Here is the result of the cat /etc/passwd command. As you can see, there are a number of other users with a UID > 1000.
How can I sort out what is useful and what is not? How can I solve the problem without messing everything up ? Here is the result of the cat /etc/passwd command. PS: I noticed that the etc/login.defs file contains lines that automatically assign UIDs to system and non-system users, but this applies to new users, not the old ones. Hoping I haven't been too confusing, I thank you in advance for your response.
Sorry for the language approximations, I am using a translator.
I have installed CyberPanel + LiteSpeed Web Server via an image on a VPS (Google Cloud). I have performed the updates and basic security configurations.
However, I am facing a problem due to my lack of skills in this area and I hope you can enlighten me.
To ensure the server's security, I subscribed to an Immunify360 license. The issue is that I realize there are several non-system users (or rather no configuration...). Currently, I am the only one using the server and I am hosting only one website.
I use an SSH connection via Google Cloud for terminal commands (user account automatically configured by Google).
The administrator username for CyberPanel is "litespeed webadmin". Here is the result of the cat /etc/passwd command. As you can see, there are a number of other users with a UID > 1000.
How can I sort out what is useful and what is not? How can I solve the problem without messing everything up ? Here is the result of the cat /etc/passwd command. PS: I noticed that the etc/login.defs file contains lines that automatically assign UIDs to system and non-system users, but this applies to new users, not the old ones. Hoping I haven't been too confusing, I thank you in advance for your response.
Sorry for the language approximations, I am using a translator.
Bash:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:102:105::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:103:106:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
syslog:x:104:111::/home/syslog:/usr/sbin/nologin
_apt:x:105:65534::/nonexistent:/usr/sbin/nologin
tss:x:106:112:TPM software stack,,,:/var/lib/tpm:/bin/false
uuidd:x:107:113::/run/uuidd:/usr/sbin/nologin
tcpdump:x:108:114::/nonexistent:/usr/sbin/nologin
sshd:x:109:65534::/run/sshd:/usr/sbin/nologin
pollinate:x:110:1::/var/cache/pollinate:/bin/false
landscape:x:111:116::/var/lib/landscape:/usr/sbin/nologin
fwupd-refresh:x:112:117:fwupd-refresh user,,,:/run/systemd:/usr/sbin/nologin
_chrony:x:113:121:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash
lxd:x:999:100::/var/snap/lxd/common/lxd:/bin/false
cyberpanel:x:1003:1004:,,,:/home/cyberpanel:/bin/false
docker:x:1004:1005:,,,:/home/docker:/bin/bash
lsadm:x:998:999:lsadm:/:/sbin/nologin
mysql:x:114:122:MySQL Server,,,:/nonexistent:/bin/false
ftpuser:x:2001:2001:pureftpd user:/bin/null:/bin/false
pdns:x:115:123:PowerDNS,,,:/var/spool/powerdns:/bin/false
postfix:x:116:125::/var/spool/postfix:/usr/sbin/nologin
dovecot:x:117:127:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin
dovenull:x:118:128:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin
vmail:x:5000:5000::/home/vmail:/bin/sh
opendkim:x:119:129::/run/opendkim:/usr/sbin/nologin
lscpd:x:5001:5001::/usr/local/lscp:/bin/sh
memcache:x:120:130:Memcached,,,:/nonexistent:/bin/false
redis:x:121:131::/var/lib/redis:/usr/sbin/nologin
demouser:x:5002:5002::/home/demouser:/bin/bash
ls:x:5003:5003::/home/ls:/bin/bash
contact:x:5004:5004::/home/contact:/bin/bash
_imunify:x:997:997::/home/_imunify:/bin/false
franc2450:x:1001:1002:,,,:/home/france-camions.fr:/bin/bash
ossec:x:996:996::/var/ossec:/sbin/nologin
ossecr:x:995:996::/var/ossec:/sbin/nologin
ossecm:x:994:996::/var/ossec:/sbin/nologin
ossece:x:993:996::/var/ossec:/sbin/nologin
imunify360-webshield:x:992:995:imunify360-webshield user:/var/cache/imunify360-webshield:/usr/sbin/nologin