09-06-2011, 08:22 AM
|
|
Junior Guru
|
|
Join Date: Sep 2004
Posts: 224
|
|
How to suspend user without suspendind cpanel account
Hi,
Anyone here know how it's possible to suspend a website on WHM in keeping the customer to use his cpanel and ftp access ?!
Thanks
|
09-06-2011, 08:30 AM
|
|
WHT Addict
|
|
Join Date: Feb 2010
Posts: 164
|
|
Can you explain the circumstances why you need to do this? Not being noisy but help come up with an answer for you.
__________________
█ DMB SOLUTIONS LTD
█ DMB Hosting - UK Web hosting and VPS Servers
█ All owned hardware Chicago and UK
|
09-06-2011, 08:39 AM
|
|
Temporarily Suspended
|
|
Join Date: Jan 2011
Posts: 160
|
|
simple rename index.html, this will be enough to take his site down.
|
09-06-2011, 09:21 AM
|
|
Stairway To Hosting
|
|
Join Date: Mar 2003
Location: Canada
Posts: 7,959
|
|
1. chmod 000 public_html
2. chown root:root public_html
That will prevent files under public_html from being served, and prevent them from enabling it again.
__________________
SYN Hosting - Affordable, Reliable & Secure Web Hosting - Proudly In Business Since 2006!
Host Unlimited Websites -/ - cPanel -/ - Softaculous -/ - CloudFlare -/ - SSH Access -/ - 24/7 Tech Support
http://www.synhosting.com - Need a Canadian budget managed dedicated server? Click here for details.
|
09-06-2011, 10:20 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Oct 2010
Posts: 64
|
|
every option i could think of (including the ones mentioned above) allow the user to un-suspend themselves if they wanted.
which brings me to daimon666's question
|
09-06-2011, 10:41 AM
|
|
Web Hosting Master
|
|
Join Date: Dec 2005
Posts: 2,223
|
|
You can disable a file or directory by changing it's permission.
__________________
DHCart - Domain and Hosting shopping cart PHP script with Domain availability checking
www.dhcart.com | Demo
|
09-06-2011, 10:44 AM
|
|
Technical Nutcase
|
|
Join Date: Mar 2009
Location: Miami, Florida
Posts: 18,352
|
|
Hello,
You could try creating the following .htaccess file containing. It would cripple anything in the webroot. This however would still allow any outbound scripts to work.
Redirect 301 / http://domain.com/cgi-sys/suspendedpage.cgi
__________________
█ Keith M.. - CTO
█ Shared & Reseller Hosting | VPS | Cloud Servers | Dedicated Servers | Colocation
█ 99.999% Uptime | US & UK Locations | 24x7x365 Friendly Support | Satisfaction Guarantee
█ Big Brain Global Networks - Your Managed Provider | A Division of Big Brain, LLC
|
09-06-2011, 11:44 AM
|
|
Junior Guru
|
|
Join Date: Sep 2004
Posts: 224
|
|
Sure,
I have a customer that his website overload my server at 600% due at a script php problem... I want allow him to fix the problem to get his website back online. I have suspended his account because if the account is active the entire server crash.. so what i can do for allow the customer to make the change of his website without see his website online.
Thanks for your answer
|
09-06-2011, 12:10 PM
|
|
Premium Member
|
|
Join Date: Mar 2010
Posts: 283
|
|
create .htaccess file and past the following code.
single ip address access
order deny,allow
deny from all
allow from 192.168.1.1
http://www.yourdomain.com/.htaccess
multiple ip address access
order deny,allow
deny from all
allow from 192.168.1.1
allow from 192.168.1.2
allow from 192.168.1.3
Authorize the ip for your client only he will be able to access site without any problem no one else.
|
09-06-2011, 12:19 PM
|
|
<?require_once("life")?>
|
|
Join Date: Sep 2002
Location: inside your network
Posts: 9,548
|
|
Quote:
Originally Posted by anythingss
every option i could think of (including the ones mentioned above) allow the user to un-suspend themselves if they wanted.
|
No they don't (or they shouldn't).
If you change ownership of public_html to root:root, nobody should be able to change that back.
.htaccess files will be easily removed by the user, theoretically.
If you want to REALLY suspend things (without suspending the account):
Code:
chown root:root /home/username
chmod 000 /home/username
This way, even if they can login (they can), they can't change anything back to themselves, or shouldn't be able to.
__________________
Linux Tech Networks Reliable, Affordable Linux administration and monitoring since 2002
|
09-06-2011, 09:11 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Oct 2010
Posts: 64
|
|
Quote:
Originally Posted by linux-tech
No they don't (or they shouldn't).
If you change ownership of public_html to root:root, nobody should be able to change that back.
.htaccess files will be easily removed by the user, theoretically.
If you want to REALLY suspend things (without suspending the account):
Code:
chown root:root /home/username
chmod 000 /home/username
This way, even if they can login (they can), they can't change anything back to themselves, or shouldn't be able to. |
proftpd running without pam (such as the config cpanel does) allows you to do many things to override file permissions, regardless of their ownership or permissions.
#touch testfile
#chmod 000 testfile
#chown root:root testfile
ftp> Command: DELE testfile
ftp> Response: 250 DELE command successful
#ls testfile
ls: cannot access testfile: No such file or directory
edit: i think its the lack of pam that allows it to happen, not sure tho.
Last edited by anythingss; 09-06-2011 at 09:16 PM.
|
09-06-2011, 09:22 PM
|
|
<?require_once("life")?>
|
|
Join Date: Sep 2002
Location: inside your network
Posts: 9,548
|
|
all the more reason to switch from proftpd.
If you follow the advice about chmoding /home/user and changing ownership, the user has nowhere to login to, even with ftp programs
__________________
Linux Tech Networks Reliable, Affordable Linux administration and monitoring since 2002
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
