I was using a PC with OPNsense since few years and the first thing I did, was to disabled root account in web GUI (System > Access > Users > Root). On the console screen, I was able to see logs and to connect with a second admin account and then, launch root access. that way permit to access CLI menu (with numbers to select pfTop, logs, reset, reboot, etc.)
Since I'm configuring an OPNsense applicance, I've to keep root account enabled and even if I block ssh access for it, it still able to connect on WEBGUI.
Did I miss something in my configuration?
SSH access and web GUI (HTTP/s) access are two different things.
If you want to disable the default "root" account on GUI you need to disabled it in the GUI settings.
But before that create a new admin account.
Regards,
S.