littlebizzy / slickstack

Lightning-fast WordPress on Nginx
https://slickstack.io
GNU General Public License v3.0
643 stars 113 forks source link

After installing SlickStack I'm locked out (using the root user login) #89

Closed miketester19 closed 3 years ago

miketester19 commented 3 years ago

Hello After Installing SlickStack, first I'm locked out, This is strange, this shouldn't happen. Secondly domain url gives me, under maintenance. Please Put out a good step by step guide, errors and solutions. Third, Getting Grade B On SSL Lab.

Thank you.

jessuppi commented 3 years ago

Hey thanks for commenting @miketester19 but this isn't a bug or feature suggestion, best to keep how-to discussions on our chat communities like our Discord server where I already commented on your questions.

Yes root is locked out after installation completes, which is considered best practice for server security. You need to SSH using the sudo user you setup during the wizard i.e. in your ss-config settings.

The maintenance message can be disabled by deleting /var/www/html/maintenance.html as explained on that page.

SlickStack gets an A+ rating on SSL Labs with either Lets Encrypt or OpenSSL / CloudFlare so I'm not sure what you did to your SSL certificate settings but if you keep defaults it would receive the best score possible.

I'll close this Issue but if you have a screenshot or details re: your SSL please comment below, thanks --

jessuppi commented 3 years ago

As per Discord discussion, be sure to set CloudFlare SSL settings to be TLS 1.2 or higher (only) and this will allow you to achieve the A+ score on SSL Labs, as this pertains to current PCI standards.

miketester19 commented 3 years ago

Hello Littlebizzy; Thank you for your response, First of all Let me thank you, I mean bundle of thank you for creating a such great oneclick Install Script, that is bundle with Optimization and security features. We all must highly appreciate your hard word and efforts providing us with such a awesome and great product. Most of us just grab the OneInstall and they don't even provide the feed back.. But Let me say thank you again from all of us. Littlebizzy, 80% of us are just the users who are looking for Oneclick Install Product, cause we are lack of Techno knowledge and plus the control panel cost money. Note: I've tested all of the Scripts that are available . EasyEgince, Webinoly. wordops and few other along with control panels. I personally don't like Control Panels, those are bloated plus take lots of resources. And All the scripts that I've tested, those have flaws, missing features, lack of optimization and Security.. So I was looking for the best and kept looking, then I found a link, SlickStack. that took me to the LowEndTalk So I decided to give it a try. Firs it was little hard for me to understand how to Install, since It was indicating ss-config.. Anyways I installed, tested. But I got locked out as a root .. I thought I made a mistake, but later I learned that, that's the Security feature..Then I asked for your help , I wasn't getting A Grade On Qualys SSL Lab., and I followed your instruction and I got A+ On Qualys SSL Lab. Thank You Thank you Thank you.. SlickStack Is The Best Of All. Request / Q : Would it be possible getting back root access, since I do lots of other things that require root access. It won't let me using sudo.. Thanks again for your hard word and efforts providing us with such a great product. Have Nice Day..

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, February 13, 2021 12:19 PM, Jesse Nickles notifications@github.com wrote:

Hey thanks for commenting @miketester19 but this isn't a bug or feature suggestion, best to keep how-to discussions on our chat communities like our Discord server where I already commented on your questions.

Yes root is locked out after installation completes, which is considered best practice for server security. You need to SSH using the sudo user you setup during the wizard i.e. in your ss-config settings.

The maintenance message can be disabled by deleting /var/www/html/maintenance.html as explained on that page.

SlickStack gets an A+ rating on SSL Labs with either Lets Encrypt or OpenSSL / CloudFlare so I'm not sure what you did to your SSL certificate settings but if you keep defaults it would receive the best score possible.

I'll close this Issue but if you have a screenshot or details re: your SSL please comment below, thanks --

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

jessuppi commented 3 years ago

@miketester19 Thanks for your kind words, if you'd be willing to review SlickStack it would really help us too:

Ref: https://www.capterra.com/p/211436/SlickStack Ref: https://www.g2.com/products/slickstack/reviews Ref: https://www.saashub.com/slickstack-alternatives Ref: https://www.producthunt.com/posts/slickstack

As we are still in a sort of "beta" stage our core features are still evolving but we appreciate all feedback and yes, it is difficult to get feedback from many users.

The root user is permanently locked out of SSH when you install SlickStack. If you forgot the sudo user password, you will need to login to your server using the Console tool at your cloud hosting, e.g. VNC Console. Then you can login with the root user as long as your remember the root password, or have your hosting provider reset the root password beforehand.

You would still need to use the sudo user going forward re: normal SSH sessions.

jessuppi commented 3 years ago

Post-installation message updated as per below commit.

Ref: https://github.com/littlebizzy/slickstack/commit/bb08a9802475c113728c7ff6edb775cb37e7bc5c