diff -ur xrdp-0.9.15.orig/sesman/sesman.ini xrdp-0.9.15/sesman/sesman.ini
--- xrdp-0.9.15.orig/sesman/sesman.ini	2020-12-28 15:06:46.000000000 +0100
+++ xrdp-0.9.15/sesman/sesman.ini	2021-01-04 00:09:55.106416646 +0100
@@ -12,13 +12,13 @@
 ReconnectScript=reconnectwm.sh
 
 [Security]
-AllowRootLogin=true
+AllowRootLogin=false
 MaxLoginRetry=4
-TerminalServerUsers=tsusers
-TerminalServerAdmins=tsadmins
+TerminalServerUsers=xrdp
+TerminalServerAdmins=root
 ; When AlwaysGroupCheck=false access will be permitted
 ; if the group TerminalServerUsers is not defined.
-AlwaysGroupCheck=false
+AlwaysGroupCheck=true
 ; When RestrictOutboundClipboard=true clipboard from the
 ; server is not pushed to the client.
 RestrictOutboundClipboard=false
@@ -65,13 +65,13 @@
 
 [Logging]
 ; Note: Log levels can be any of: core, error, warning, info, debug, or trace
-LogFile=xrdp-sesman.log
+LogFile=/dev/null
 LogLevel=INFO
 EnableSyslog=true
-#SyslogLevel=INFO
-#EnableConsole=false
-#ConsoleLevel=INFO
-#EnableProcessId=false
+SyslogLevel=INFO
+EnableConsole=false
+ConsoleLevel=INFO
+EnableProcessId=false
 
 [LoggingPerLogger]
 ; Note: per logger configuration is only used in XRDP_DEBUG builds of XRDP.
@@ -101,8 +101,8 @@
 param=-noreset
 param=-nolisten
 param=tcp
-param=-logfile
-param=.xorgxrdp.%s.log
+#param=-logfile
+#param=.xorgxrdp.%s.log
 
 [Xvnc]
 param=Xvnc
diff -ur xrdp-0.9.15.orig/xrdp/xrdp.ini xrdp-0.9.15/xrdp/xrdp.ini
--- xrdp-0.9.15.orig/xrdp/xrdp.ini	2020-12-28 15:06:46.000000000 +0100
+++ xrdp-0.9.15/xrdp/xrdp.ini	2021-01-04 00:10:37.448416646 +0100
@@ -5,6 +5,9 @@
 ; fork a new process for each incoming connection
 fork=true
 
+; IP address to listen
+#address=127.0.0.1
+
 ; ports to listen on, number alone means listen on all interfaces
 ; 0.0.0.0 or :: if ipv6 is configured
 ; space between multiple occurrences
@@ -151,13 +154,13 @@
 
 [Logging]
 ; Note: Log levels can be any of: core, error, warning, info, debug, or trace
-LogFile=xrdp.log
+LogFile=/dev/null
 LogLevel=INFO
 EnableSyslog=true
-#SyslogLevel=INFO
-#EnableConsole=false
-#ConsoleLevel=INFO
-#EnableProcessId=false
+SyslogLevel=INFO
+EnableConsole=false
+ConsoleLevel=INFO
+EnableProcessId=false
 
 [LoggingPerLogger]
 ; Note: per logger configuration is only used in XRDP_DEBUG builds of XRDP.
@@ -193,14 +196,15 @@
 ; Some session types such as Xorg, X11rdp and Xvnc start a display server.
 ; Startup command-line parameters for the display server are configured
 ; in sesman.ini. See and configure also sesman.ini.
-[Xorg]
-name=Xorg
-lib=libxup.so
-username=ask
-password=ask
-ip=127.0.0.1
-port=-1
-code=20
+
+#[Xorg]
+#name=Xorg
+#lib=libxup.so
+#username=ask
+#password=ask
+#ip=127.0.0.1
+#port=-1
+#code=20
 
 [Xvnc]
 name=Xvnc
@@ -216,25 +220,25 @@
 #disabled_encodings_mask=0
 
 
-[vnc-any]
-name=vnc-any
-lib=libvnc.so
-ip=ask
-port=ask5900
-username=na
-password=ask
+#[vnc-any]
+#name=vnc-any
+#lib=libvnc.so
+#ip=ask
+#port=ask5900
+#username=na
+#password=ask
 #pamusername=asksame
 #pampassword=asksame
 #pamsessionmng=127.0.0.1
 #delay_ms=2000
 
-[neutrinordp-any]
-name=neutrinordp-any
-lib=libxrdpneutrinordp.so
-ip=ask
-port=ask3389
-username=ask
-password=ask
+#[neutrinordp-any]
+#name=neutrinordp-any
+#lib=libxrdpneutrinordp.so
+#ip=ask
+#port=ask3389
+#username=ask
+#password=ask
 
 ; You can override the common channel settings for each session type
 #channel.rdpdr=true