LiveChat 
Support 
Get an Email Alert when Somebody Logs in as Root
How to setup an Email alert once someone has logged into your server as root?
It is advised to set an email alert once someone gets logged into your server via. SSH/root.
You need to form amendments to the .bashrc that’s offered underneath the ‘/root’ partition. This file could be a hidden, thus you need to use the -a flag with ls command to look at all the hidden files.
Then add the below code to the bottom of the existing code :
echo ‘SSH Root Access (Your Server Name) on:’ `date` `who` | mail -s
“ALERT: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” [email protected]
NOTE: We suggest you :
- Not to alter root logins over SSH.
- Also, it’s helpful to use an email address that isn’t hosted on a similar server from which the notifications would be sent.
- This procedure is appropriate just for those customers who have an SSH access i.e.. with VPS Hosting, Cloud Hosting, Semi-Dedicated Servers and Dedicated Hosting Servers.
This procedure ought to be useful to all the customers who have servers with multiple administrators or have to give an SSH access to someone on an everyday basis. Here again, we might stress on limiting the disclosure of the Root password and keeping it to minimum. Further, we might prefer to encourage you to alter it on an everyday basis.
Though, the mentioned procedure wouldn’t facilitate if somebody tries to hack into your server using the newest kernel exploit, due to the fundamental fact that, the hacker would produce a unique SSH or telnet affiliation. Inorder to protect your server from such activities, you need to keep your server updated, get a firewall installed and adopt the updated security releases.
You must re-check if the modifications are operating fine. If you face a difficulty with this and need any assistance, please contact our 24×7 Linux operating system Technical Support Team either via. Live Chat or raise a price ticket at the service.