In the hardening guide https://wiki.ipfire.org/optimization/start/security_hardening/good_security_practice, under ‘Change default login details’, there is a suggestion to ‘Change the default “admin” account in IPFire to a different username which will not be obvious to an attacker’.
Can someone provide some hints as to how that might be done?
Look in /etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf There is “Require user admin” in various places. You could make changes to “Require user alice”.
There is also /var/ipfire/auth/users that contains admin:pw. You can save that file as users.orig and create a new users file that will have alice:pw (see htpasswd utility).
If all goes well, https://ipfire_address:444/ should auth as alice and password you gave.
Paul, thank you for answer,
what will be the algorithm for adding a new user (for web-access only)?
Hi Paul,
Your suggestions worked for me – after I rebooted the system 
There were lots of entries showing up in /var/log/httpd/error_log:
[Sun May 30 14:32:16.752750 2021] [authz_core:error] [pid 26813:tid 2923393968] [client 10.137.113.151:38140] AH01631: user astrid: authorization failure for “/cgi-bin/index.cgi”:
but a system reboot fixed that. Would a web server restart have been adequate to recognize the edits?
Hi all,
Some time ago, I had already asked this question and @ms warned me that this modification could impact GUI access after a core update :
Login of the GUI - Security - IPFire Community
Kind regards, Stéphane
As long as you are using a secure password, you should be fine. But those files are part of the IPFire system configuration and will be overwritten in any of the next updates.