hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Software and Control Panels : How to suspend user without suspendind cpanel account
Reply

Forum Jump

How to suspend user without suspendind cpanel account

Reply Post New Thread In Hosting Software and Control Panels Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
Junior Guru
 
Join Date: Sep 2004
Posts: 234

How to suspend user without suspendind cpanel account


Hi,

Anyone here know how it's possible to suspend a website on WHM in keeping the customer to use his cpanel and ftp access ?!



Thanks



Sponsored Links
  #2  
Old
WHT Addict
 
Join Date: Feb 2010
Posts: 164
Can you explain the circumstances why you need to do this? Not being noisy but help come up with an answer for you.

__________________
█ DMB SOLUTIONS LTD
DMB Hosting - UK Web hosting and VPS Servers
█ All owned hardware Chicago and UK

  #3  
Old
Temporarily Suspended
 
Join Date: Jan 2011
Posts: 160
simple rename index.html, this will be enough to take his site down.

Sponsored Links
  #4  
Old
Security Ninja
 
Join Date: Mar 2003
Location: Canada
Posts: 8,750
1. chmod 000 public_html
2. chown root:root public_html

That will prevent files under public_html from being served, and prevent them from enabling it again.

__________________
Patrick William | RACK911 Labs | Software Security Auditing
300+ Vulnerabilities Found - Get a Quote @ http://www.RACK911Labs.com

www.HostingSecList.com - Security notices for the hosting community.

  #5  
Old
Junior Guru Wannabe
 
Join Date: Oct 2010
Posts: 64
every option i could think of (including the ones mentioned above) allow the user to un-suspend themselves if they wanted.
which brings me to daimon666's question

  #6  
Old
Web Hosting Master
 
Join Date: Dec 2005
Posts: 2,645
You can disable a file or directory by changing it's permission.

__________________
█ █ █ DHCart - Domain and Hosting shopping cart with Domain availability checking and Whois lookup.
█ █ █ www.dhcart.com Demo

  #7  
Old
Technical Nutcase
 
Join Date: Mar 2009
Location: Miami, Florida
Posts: 18,662
Hello,
You could try creating the following .htaccess file containing. It would cripple anything in the webroot. This however would still allow any outbound scripts to work.

Redirect 301 / http://domain.com/cgi-sys/suspendedpage.cgi

__________________
http://iSheep.net - The ultimate iSheep simulator

  #8  
Old
Junior Guru
 
Join Date: Sep 2004
Posts: 234
Sure,

I have a customer that his website overload my server at 600% due at a script php problem... I want allow him to fix the problem to get his website back online. I have suspended his account because if the account is active the entire server crash.. so what i can do for allow the customer to make the change of his website without see his website online.

Thanks for your answer

  #9  
Old
Aspiring Evangelist
 
Join Date: Mar 2010
Posts: 361
create .htaccess file and past the following code.

single ip address access

order deny,allow
deny from all
allow from 192.168.1.1


http://www.yourdomain.com/.htaccess

multiple ip address access

order deny,allow
deny from all
allow from 192.168.1.1
allow from 192.168.1.2
allow from 192.168.1.3


Authorize the ip for your client only he will be able to access site without any problem no one else.

__________________
HostingOwner.com Shared and Reseller Hosting
cPanel/WHM, Softaculous - Premium Network - 99.9% Uptime
Managed, Unmanaged Premium VPS Hosting by vpsCrew.com



  #10  
Old
Just me
 
Join Date: Sep 2002
Location: Among the corn
Posts: 10,504
Quote:
Originally Posted by anythingss View Post
every option i could think of (including the ones mentioned above) allow the user to un-suspend themselves if they wanted.
No they don't (or they shouldn't).
If you change ownership of public_html to root:root, nobody should be able to change that back.

.htaccess files will be easily removed by the user, theoretically.

If you want to REALLY suspend things (without suspending the account):
Code:
chown root:root /home/username
chmod 000 /home/username
This way, even if they can login (they can), they can't change anything back to themselves, or shouldn't be able to.

  #11  
Old
Junior Guru Wannabe
 
Join Date: Oct 2010
Posts: 64
Quote:
Originally Posted by linux-tech View Post
No they don't (or they shouldn't).
If you change ownership of public_html to root:root, nobody should be able to change that back.

.htaccess files will be easily removed by the user, theoretically.

If you want to REALLY suspend things (without suspending the account):
Code:
chown root:root /home/username
chmod 000 /home/username
This way, even if they can login (they can), they can't change anything back to themselves, or shouldn't be able to.

proftpd running without pam (such as the config cpanel does) allows you to do many things to override file permissions, regardless of their ownership or permissions.

#touch testfile
#chmod 000 testfile
#chown root:root testfile

ftp> Command: DELE testfile
ftp> Response: 250 DELE command successful

#ls testfile
ls: cannot access testfile: No such file or directory


edit: i think its the lack of pam that allows it to happen, not sure tho.


Last edited by anythingss; 09-06-2011 at 09:16 PM.
  #12  
Old
Just me
 
Join Date: Sep 2002
Location: Among the corn
Posts: 10,504
all the more reason to switch from proftpd.
If you follow the advice about chmoding /home/user and changing ownership, the user has nowhere to login to, even with ftp programs

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
cPanel : Suspend account w/o killing cPanel Access KMyers Reseller Hosting 9 05-04-2009 09:10 PM
automatic suspend account in cpanel mirheydari Web Hosting 15 07-18-2008 03:27 AM
Problem with suspend account cpanel robocap Hosting Security and Technology 1 07-19-2007 05:41 PM
cPanel Suspendind an Entire Package? lindmar Running a Web Hosting Business 1 12-09-2006 12:10 PM
[cpanel] Suspend account suspend email? technicalws Web Hosting 4 03-25-2003 12:27 PM

Related posts from TheWhir.com
Title Type Date Posted
GoDaddy Supports cPanel as Part of Web Hosting Updates Web Hosting News 2014-05-09 12:40:20
What's New at cPanel: IPv6 and 1:1 NAT Support Web Hosting News 2013-10-01 18:12:07
cPanel Addresses User Concerns of Transfer and Backup Restore System Security Web Hosting News 2013-05-24 10:13:44
cPanel Security Updates Address Perl Module Vulnerabilities Web Hosting News 2012-12-06 12:55:54
Hosting Control Panel cPanel & WHM 11.34 Release Hits Stable Tier Web Hosting News 2012-11-12 17:04:57


Tags
cpanel, suspend, whm

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?