Disable Login Via FTP
Apr 18, 2007We have linux server + apache
How to disable login via FTP for schedule time?
ADVERTISEMENT
How Do I Disable Root Login For WHM
Oct 18, 2009Meaning you can't use the user root to login to WHM.
Is that possible?
Disable Direct Root Login
May 16, 2007I tried to disable direct root login but had to struggle to find step-by-step instructions and have written the steps one needs to follow to disable direct root login.
This is an additional security measure where we prevent direct root logins and instead create a user to login and then use a command ‘su –‘ to gain root privileges.
The only risk in this procedure is that you may prevent root login but forget to add the user to the wheel group - effectively locking yourself out of the system.
Follow the steps below and you will not face a problem.
STEP 1: Let us create a user and add it to the wheel group.
For e.g. we want to create a user neonix and give him root privileges.
SSH into your server as root and follow the below commands to create a user.
groupadd neonix
useradd neonix –gneonix
passwd neonix
enteryouruserpasswordhere
verifyyouruserpasswordhere
// Please note -g in the second line
// You can replace neonix with any username of your choice.
STEP 2: Add user to wheel group.
Use your browser to Login to your WHM panel and click on Manage Wheel Group Users.
You will see the user you just added (neonix). Select the user and click ‘Add to group’.
You will see that the user has been added –
Users Currently in the wheel group root,neonix
You have successfully added a user to the 'wheel' group who will be able to 'su -' to root.
LOGOUT OF SSH
Before we disable root login, let us check if the user can login and su – to gain root privileges.
SSH into your server as 'neonix'
Login as: neonix
Password : enteryouruserpasswordhere
su –
password: enter root password here
You have successfully logged in and have root privileges. Now let us disable root login.
STEP 3: Disable Direct Root Login
(The below steps are from webhostgear.com)
1. Copy and paste this line to edit the file for SSH logins
pico -w /etc/ssh/sshd_config
2. Find the line
Protocol 2, 1
3. Uncomment it (Remove #) and change it to look like
Protocol 2
4. Next, find the line
PermitRootLogin yes
5. Uncomment it (Remove #) and make it look like PermitRootLogin no
6. Save the file Ctrl+X then Y then enter
7. Now you can restart SSH
/etc/rc.d/init.d/sshd restart
Now, no one will be able to login to root with out first logging in as 'neonix' and 'su -' to root, and you will be forcing the use of a more secure protocol.
Just make sure you remember both passwords!
Plesk 12.x / Linux :: Disable Login On Domains
Nov 30, 2014I would like my clients only to be able to access Plesk Panels from a certain domain, instead all from or with all the domains hosted on our server, is there a way to accomplish that?
View 1 Replies View RelatedPlesk 11.x / Linux :: Disable Non-secure Login Port 8880
Nov 4, 2014One failure cited by a recent PCI compliance report was that of the Plesk non-https login at port 8880. I believe we can resolve this by adding a firewall rule to block access to this port but wanted to check first if this will have any negative consequences elsewhere. Or is there a better way to achieve PCI compliance on this point?
View 2 Replies View RelatedVPS With WHM/cPanel Webmail - Login ... Then Login Fails
Jan 31, 2008Just got a new additional VPS with WHM/cPanel.
Browse to www.mydomain.com/webmail and get login box > login accepted and taken to Horde/Squirrelmail choice screen > choose Squirrelmail and get login box ... login not accepted! > Retry and choose Horde ... login not accepted!
The login is correct and the results are the same when logging in as root, or through /cPanel or /Webmail.
MOTD In Front Of Login And After Login.. How
Apr 9, 2007i had access in some servers via SSH and when i try to connect i get:
Welcome to The HOST!
login as: nickname
--------------------------
We monitor/log everything on that server! IP Logged!
--------------------------
nickname@host's password:
.............
I know that there is the motd file in /etc that i can put a message but i see it when i full be recognized by the server.. (after putting the password).. How can i put the other 2 messages?
Plesk Automation :: Login As User From Admin / Actual Login As User Are Different
Jan 3, 2014when I find the subscription from the admin side of PPA, if I select "Login as user" I've noticed that it is different from actually logging in as the user - for example - "add domain alias" is missing when I login as a customer - but not as an admin... I need my customers to add their own aliases and manage them - how do I add that feature to the client login side?
View 9 Replies View RelatedHow To: Disable SSL 2.0 And Use SSL 3.0
Oct 20, 2008Our security comlience test got failed due to following reason
Synopsis:
The remote service encrypts traffic using a protocol with known weaknesses.
Description:
The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.
Solution:
Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.
We have Cpanel RHEL server. Please advise how to:
'disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.'
How To Disable RBL
Feb 20, 2008RBL is blocking every incoming email. While waiting for the admin. How to disable it?
View 3 Replies View RelatedDr Web - How To Disable It
May 11, 2008I can stop Dr Web from within Plesk Control panel, but every time server restarts - Dr Web is automatically started again.
Any possible way to disable it from running?
Also the same with Spam Assassin.
I am running CentOS
Disable SSL 2.0 And Use SSL 3.0
Nov 6, 2007I would like to disable SSL 2.0 and use SSL 3.0, my question how i can do this and which file i have to modify or i have to upgrade from SSL 2.0 to SSL 3.0 ?
View 2 Replies View RelatedWhy Disable Parse_ini_file
Jun 10, 2009I've seen for securing PHP recommends putting parse_ini_file() in the disable_functions line in php.ini but I cannot find an exact reason why. This being disabled is causing an error message to appear on some of my users sites but I'm trying to find a clear cut reason why it is disabled.
View 12 Replies View RelatedDisable Clamav
Mar 19, 2008How can I disable clamav on cpanel server and make sure that it's not running
because when clamav is running the outlook is not working so I have to restart clamav every time.
Disable Logrotate
Oct 25, 2009is it possible to disable log rotate? I can't seem to find the cron under my weeklys or dailys nor monthlys unless it's named "mad-db" but is there a way to make it say yearly? or just disable it all together? I say this because the script I use has a function already to clear the logs and when log rotate runs it kills all processes going by the script
View 8 Replies View RelatedHow Disable Phpinfo()
Apr 17, 2009when some one upload and load files with phpinfo()
he can see our server PHP Configuration.
how can us disable phpinfo()?
Disable Auditd
May 24, 2009I have disabled auditd
Code:
root@server48 [~]# chkconfig --list |grep audit
root@server48 [~]# rpm -qa|grep audit
audit-libs-1.7.7-6.el5_3.3
audit-libs-1.7.7-6.el5_3.3
audit-libs-python-1.7.7-6.el5_3.3
root@server48 [~]# lsmod |grep audit
root@server48 [~]#
root@server48 [~]# ps aux|grep audit
root 532 0.0 0.0 0 0 ? S< May17 0:00 [kauditd]
root 20690 0.0 0.0 61180 740 pts/0 R+ 06:12 0:00 grep audit
root@server48 [~]#
I still get audit on /var/log/messages
Quote:
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.625:179651): user pid=19715 uid=0 auid=0 msg='PAM: accounting acct="root" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.716:179652): user pid=19716 uid=0 auid=0 msg='PAM: accounting acct="youtubet" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:02 server48 kernel: type=1101 audit(1243163402.087:179656): user pid=19719 uid=0 auid=0 msg='PAM: accounting acct="vidzboxc" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
How do i disable auditd completely?
How Disable Php On Cpanel
Jul 18, 2009any one can apply php scripts under cpanel like:
domain.com:2082/scripts.php
I have run phpinfo for looking for cpanel php.ini I have
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
I renamed /usr/local/cpanel/3rdparty/etc to /usr/local/cpanel/3rdparty/etc.OLD
then restart the server I am still get cpanel php work and phpinfo give :
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
how to disable cpanel php to prevent some one exploit php to hacking my server?
Disable Backup
Apr 9, 2009i wanna disable the backup from cpanel for one user only
how i can do that?
i wont him take full backup from the cpanle.
Disable FTP In CPanel/WHM
Apr 13, 2008I've a VPS to run my only one website. As I don't use ftp, I'd like to know how to disable it.
I tried WHM -> Service Configuration -> Service Manager, then uncheck ftpd, but it's still there
Disable WHM/Cpanel
Jul 29, 2008I want to disable WHM/Cpanel.because client purchase dedicate server from us and he want to access from command line and no WHM/Cpanel so how can i do it and it will be effect on any service because i have installed all the service like dns, exim and http from WHM.
View 3 Replies View RelatedHow To Disable A Contain With Mod_security
May 7, 2008How can i disable some words from the contain of the page by Mod_Security2?
View 6 Replies View RelatedDisable FTP For Specified Time
Oct 30, 2008Does is possible to disable ftp capabilities of several websites run by cron at some specified time of the day? then re-enable it automatical at a certain time also?
View 7 Replies View RelatedHow Do I Disable IPTables?
Dec 5, 2008I installed APF/BFD a log time ago on my centos server and have had no problems up until now.
Approx 3 days ago, the server was uncontactable by SSH/HTTP/FTP. So I ran a traceroute and the host confirmed the box was up with no problems.
He disabled IPTables and I was allowed in. Anyway, overnight, the same thing has happenned again.
I will have to SSH in from another IP however, my main question is how do I disable IPTables ? Or better still, how do I uninstall APF!
Disable Email
Feb 20, 2008I got the problem with email running on my server.
That mean, I using my domain email service with other server. Now I hosted a website for this domain on one other server.
Note that the IP for domain and email domains are different (Using managed domain service)
But I got the problem now when email sending from the server (using php email function ) with the website running that will confusing, not sending anymore.
Don't know that you understand my case. But I want to stop email service for this domain on my server, all email just send and receive through other email server.
How can I setup or configure it through SSH?
How To Disable This Message
Apr 9, 2007I have placed .htaccess to block some ip, when the person ip matches, my server will gives this message "client denied by server configuration", got lots of them everday in my error log, how can I disable this message? I need other error log message but not this message, is there any way I can disable it?
using centos and plesk.