Sharing Full Group Access To 3 Sites/users
Apr 19, 2009
i have 3 sites/users that all need to be able to access each other with complete read/write/exec access
Site1 Site2 and Site3
what's the best way to do this without screwing up all the premissions and access to my currently active sites. I need advice from someone who is a pro at this and not just guessing at what premissions to set. I'm assume i need to create a MasterGrp and invite all 3 sites then set/change permissions on all three sites. Also all new files created would need to have the masterGrp set as the group automatically
View 4 Replies
ADVERTISEMENT
Jun 20, 2007
I have several users that can't access my sites, they are all from different areas of the world, most are on PC's with WinXP and one is on a MAC. I've had them do all the normal stuff..clean cookies, cache etc all with no luck.
I have a dual processor server running Red Hat 7.3 i686. I do have KISS firewall running.
If I stop the firewall, they can get in, but I can also bring it back up and then for several hours they can still connect, but at some point, they stop being able to.
I currently have no ip's blocked. See below:
BLOCK_LIST=" "
TCP_IN="20 21 25 53 80 110 143 443 995 2082:2083 2086:2087 2095:2096 3306 8443 10000 19638 22 26 37 43 873 993"
TCP_OUT="21 22 25 37 43 53 80 443 873 2089 55000"
UDP_IN="53"
UDP_OUT="53"
TCP_IN_TRUSTED="22"
TRUSTED_IPS="0.0.0.0/0"
SERVER_IPS="0.0.0.0/0"
Nothing that I know of changed, it just started about a week ago.
View 12 Replies
View Related
Jan 6, 2015
We have several sites on one server. When I use the plesk wordpress manager it some how updates the User and Group permissions on folders and files with the username apache. How or what command do I run to get it to use the site username and psacln. It appears something maybe in an update or whatever has caused this issue. This only occurs with wordpress and drupal updates from the plesk interface.
What command can I run just to update the permissions to update all users to a username and psacln security settings on folders and directories.Running Plesk 12.0.18 and CentOS7
View 1 Replies
View Related
Nov 28, 2007
I have 2 ecommerce sites now hosted at 2 different shared locations, both sites offer same exact products and pricing. I am in the process of elancing out the recode/rebuild for both sites to share one mysql database, cart and to be housed together in one VPS.
I plan to put them both on 1 windows VPS (they are asp) each with its own separate IP but have heard this can cause problems with search engines especially google. I have great natural organic right now (1st position for 5 of my demo keywords) and dont want to put that at risk but getting really tired of 2 separate backends, carts, hosting etc..
View 4 Replies
View Related
May 24, 2007
Is there anyway to set up a Group that only has access to one virtual directory and nothing else on the server? Running IIS 6.0 on Windows 2003.
View 1 Replies
View Related
Jun 22, 2014
We have Panel Plesk 11.5.30 in Windows 2008 R2. when you go to File Sharing in all the Subscriptions, appears this error: Internal error: Unable to access File Sharing repository with the system user name "admin": wrong username or password
This happen since we do the update to the new version 11.5.30 ...
View 2 Replies
View Related
May 22, 2008
How can view all users have root access in system?
View 6 Replies
View Related
Apr 2, 2007
I have started my hosting service at ezhostlive.com. But currently, a few users are experiencing problems accessing accounts made by me. This problem is only affecting people on a certain ISP.
For them, they are not able to access any domain/subdomain on ezhostlive.com
A few examples of sites which do not work for them but work for everyone else NOT on that ISP are teensideout.com, tpc.ezhostlive.com, mobilemasters.ezhostlive.com.
I'm not sure if this is a problem with my DNS settings for my domain or an ISP problem.
Here is the DNS report for an account hosted on ezhostlive.com.
dnsstuff.com/tools/dnsreport.ch?domain=teensideout.com
Here is the DNS report for ezhostlive.com. dnsstuff.com/tools/dnsreport.ch?domain=ezhostlive.com
View 11 Replies
View Related
Jun 30, 2007
Possible root kit, what can I do?
Sorry for the long post, but I need some feedback.
One of the main reasons that I went from a windows dedicated server to a VPS was because I had several attacks on my server that cost lots of time and money. The only reason to these attacks was that it has to be a root kit in one of the programs I used on my server.
I have used SolarVPS for over 6 months now, and have used most of the same software I used on my dedicated server. I have not had any attacks or somebody gaining access to my VPS.
Last week I got a new Windows VPS from JaguarPC. I installed the same software as always (I will list the software later) and day two of my new VPS somebody had full access, had created a new admin user, installed Utorrent, downloaded and uploaded over 10 GB of movies and music before I discovered the security issue.
Beside my normal software I had downloaded a free downloadmanager, so I could download my plesk backup files faster than on a single download connection. That was the only other software beside my normal software.
But I never used that download manager on my dedicated server, but the same thing happened there also. A user got full access, created a new admin user for remote desktop, etc. I also use different password for the different VPS/DS/hosting plans, but some parts of the main level password is the same.
Last time the user was names support, this time the user was named Dave
I change password often, this year I have changed my password 4-5 times. I have different password for different levels on my VPS/servers. On password for Admin, one for Plesk, one for FTP access to my sites, one for e-mail, one for MySQL etc etc.
I have changed OS at home from XP to Vista, and have only installed 100% secure programs at my home computer. I have not installed one free program or any cracks, warez etc. I also use different antivirus and anti spyware software at home. So the problem can most likely not be at my home computers.
My current software I use on my VPS’s are: (I have some more, but that was the software I used on new VPS)
WinRar 3.61 from [url]
Bandwidth monitor Pro from [url]
Weblog Expert 4.1 from [url]
And the only software I don’t use on my VPS at SolarVPS:
Free Download Manager from [url]
The strange thing is that last time, over 6-7 months ago when I had all the problems with my dedicated server, I traced the IP the hackers had used to login to my DS to Germany.
This time on my new VPS the person has to be from Germany or on country they speak German. The mp3s and the movies where almost all in German.
My plan for the future:
I think I will buy a new VPS plan to test my software. Install one and one software, and see when somebody get access to my VPS. I have to use a provider that offer free OS reloads, so I can reload the OS after I have tested one and one of my programs.
Do anybody know about any companies that allow me to get free OS reloads and provide a Windows 2003 server?
Or will the backup function in VZPP work as OS reload if I take a backup of my new clean VPS and then install software. If it is a rootkit, and I restore, will the rootkit go away? If yes, I can use all providers with VZPP.
And do I have to tell the company what I have planned to do? A rootkit on my VPS will not affect other VPS, so they can get the same rootkit, or the main server?
View 3 Replies
View Related
Feb 24, 2008
I have taken over management of a bunch of a dedicated servers and have a question.
What are the commands on Linux (RedHat, RHL) for giving a User access rights to a directory(ies) only.
So that this user can FTP and Telnet to the server but will be able to:
1- only upload files to these directory(ies)
2- only delete files/dirs from these directory(ies)
3- only execute programs residing in these directory(ies)
View 3 Replies
View Related
Jul 11, 2007
I have my main business site at:
www.ShaShinKi.com
I have received many complaints from my customers that they can't access to my site from some of their connections.
Yesterday and today, I can't access my site as well. I am connecting using an university server line with IP 133.41.34.130
While I can't access www.ShaShinKi.com, but if I type the IP address of my server at [url]I can still see the page load up.
View 9 Replies
View Related
Nov 4, 2009
Quote:
A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.
The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.
Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.
View 8 Replies
View Related
Jul 18, 2007
INTRODUCTION
As owner of a hosting provider company, I face the problem of abusive users almost every day. More than 90% of all abuse on my server comes from free trial accounts. I offer free trial access to my servers for people who want to try things out before they purchase a hosting package, but off course this attracts spammers. To prevent trial users from using my server for spamming purposes, I modified my exim.pl file to prevent trial users from accessing the Exim mail server.
Please note that this tutorial has been written for cPanel servers. If you want to use it on a server with a different control panel, you'll need to modify the cpgetpack.c source. If you do so, please share your work with the community by posting it in a reply here.
STEP ONE
First you’ll need to download, compile and install my cpgetpack.c application. Here’s how:
Code:
gcc cpgetpack.c -o cpgetpack
mv cpgetpack /usr/bin/
chown cpanel:cpanel /usr/bin/cpgetpack
chmod +s /usr/bin/cpgetpack
STEP TWO
Now open the /etc/exim.pl file in your favorite text editor (make a backup first) and look for the following inside the checkuserpass subroutine:
Code:
$trueowner =~ s////g;
$trueowner =~ s/..//g;
if (isdemo(${trueowner})) {
return('no');
}
Below, paste the following code:
Code:
my $name = getpwuid($uid);
open(UP, "cpgetpack $name|");
my $userplan = <UP>;
close(UP);chop($userplan);
if ($userplan eq "radix_FreeTrial") {
return "no";
}
You will have to replace the radix_FreeTrial string with the package you assign to your trial users. This will prevent trial users from authenticating which prevents them from sending mail remotely.
STEP THREE
Users are now still able to send mail locally (for example using the PHP mail() function), so here’s what to do next.
Find the checkdemo subroutine in the exim.pl file and replace the complete subroutine with:
Code:
sub democheck {
my $uid = Exim::expand_string('$originator_uid');
if (isdemo($uid)) { return 'yes'; }
my $name = getpwuid($uid);
open(UP, "cpgetpack $name|");
my $userplan = <UP>;
close(UP);
chop($userplan);
if ($userplan eq "radix_FreeTrial") {
return 'yes';
}
return 'no';
}
STEP FOUR
Now just restart Exim:
Code:
service exim restart
It might be a good idea to create a trial account and see if it’s working. Enjoy!
REFERENCE:
Original post: [url]
Best regards,
Josh Burt
View 0 Replies
View Related
Feb 16, 2015
My reseller have got one plan, where option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment).
This plan contains only one subscription in which I would like to permit users to use sftp. If I go in the subscription, and then I click on "Customize subscription", I can see option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment)...
=> So same than in the plan.
After that, when I click on subscription => WebSites and Domain => One domain => FTP Access and I choose a ftp user, I don't have any option to allow ssh access to the user.
View 4 Replies
View Related
Jan 18, 2015
I'm using Plesk Panel 12 on Debian GNU/Linux 7.6 server. I created a ftp user in a subdomain (sub.domain.tld) of my domain (domain.tld).
In Tools and settings = Policy security, I allowed sftp and ftp connections. When I try to connect I get this message :
Code:
sftp my_user@domain.tld
Connection closed
In the password file I got :
Code:
my_user:x:10000:1003::/var/www/vhosts/domain.tld/sub.mydomain.tld/httpdocs:/bin/false
View 15 Replies
View Related
Sep 12, 2008
I got this domain hosted on my server where i can't ping or trace it. Every setting seem to be correct, the ip address, name server...etc. and other websites hosted on the server is working fine. i can reach other websites with no problem but not this domain.
how do i trouble shoot such problem? would deleted the website and recreate solve it?
has anyone ever come across such strange problem?
View 6 Replies
View Related
Sep 4, 2008
i have a Dedicated server and i installed firewall and i fixed all cpanel option and i disable shell access for all users and ......
but my users can upload shell hack files (Like:c99 ) then they can access to another website ,,,, they can`t Write ,,, they can Read files only
but there is a problem because the hacker will read the config files so my Database websites will hack soon
View 14 Replies
View Related
Sep 19, 2014
today we notice that all subscriptions on Plesk when we access phpmyadmin has access to all databases,it was a Plesk update that can be done this ?
I don't remember to update anything during this days to this happen.
View 1 Replies
View Related
Sep 10, 2007
I'm using a shared host that provides good service and support, but there's one major issue I discovered recently:
Other sites hosted on their server are accessible through my domains and subdomain. For example:
Account2 on their server can be accessed through:
[url]
[url]
Host says:
"Because everything is Name-based, apache decides what directory is going to be used based upon the name that is provided. However, because the username is valid, it treats it as a vaild URL and redirects it to your site. There is no security issue, as this is just the way apache’s configuration works."
Is it really normal? Does the same happen on all apache servers? I think SE's would treat the other pages as mine, no?
View 3 Replies
View Related
Jan 29, 2007
When trying to access any web sites or webmail on a plesk server i keep getting the following.
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Nothing as far as i can see has changed on the server.
I cant access plesk control panel due to network restrictions but have command line access.
what could of caused this blanket ban?
Cant see any changes in .htaccess files, but didnt think that plesk would affect these much anyway
View 5 Replies
View Related
Oct 21, 2014
Is there any way to give a reseller or customer access to the php custom settings box labeled "Additional configuration directives" on the website & domains -> php settings button that an admin can see and alter? We have attempted to give resellers the "Common PHP settings management" and "Setup of potentially insecure web scripting options that override provider's policy" options, but it still does not show up to a reseller.
View 1 Replies
View Related
Aug 7, 2008
I have someone who manages my box.. but lately he has been MIA.. and very hard to contact.
All of a sudden I realized that I cannot reach my cpanel or whm..
when I go to www.domain.com/cpanel It just says checking for connection.. and doesn't go anywhere.
If I go to domain.com:2082 it says 401 Access Denied
I tried rebooting the box..
View 12 Replies
View Related
Sep 6, 2013
The upgrade has an error when manage the users database.
PRODUCT, VERSION, VERSION OF MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE
OS Microsoft Windows Server 2008 R2 Service Pack 1 x64
Panel version 11.5.30 Update #13, last updated at Sept 1, 2013 03:30 PM
PROBLEM DESCRIPTION
In a costumer panel have a one database MSSQL, and assign to this DB 3 users, but the tab option "Users" don't work fot his costumer and show this error:
Error Javascript:
TypeError: template is null
this.template = template.toString(); in protototype.js 8472831 (lÃÂnea 807)
ACTUAL RESULT
Error Javascript:
TypeError: template is null
this.template = template.toString(); in protototype.js 8472831 (lÃÂnea 807)
EXPECTED RESULT
Show users in the tab users for database.
View 2 Replies
View Related
Mar 25, 2009
On my server, users can connect to any database as long as they have the database user and password. This makes it easier to hack any database on the server.
What I want to do is to make the users can only connect to their own databases and not other's.
I tried changing the localhost ip address but it didn't work ( I assume I didn't do it the right way)
View 7 Replies
View Related
Jul 25, 2007
Is there a way to do so in cpanel using ip deny manager?
View 4 Replies
View Related
Mar 8, 2007
i have a main server that is connected online & now live with a static IP address. at the local network, i have 6 other PCs running apache that is connected to the main server.
since i can only effort for 1 IP now, how can i have the local connected servers to be viewable from the internet as well like some normal web URLs?
View 5 Replies
View Related
Aug 3, 2007
in a domain environment, how do I enable users to be able to access the Desktop properties and allow them to change their wallpapers. I know it should be a simple one but I'm still looking through policies but can't find what can be. By default/ after some group policy changes, all users are denied from accesing this properties window.
View 4 Replies
View Related
Aug 27, 2007
I'm making an account for my friend, and I just want him to have access to /var/www/hishomedirectory/
I want him to be able to do anything in that directory (rename files, delete, copy, move, upload, etc..), but not able to use apt-get or play with settings. Not a superuser either.
View 3 Replies
View Related
Dec 18, 2008
After some yum updates last night one user and group called xfs were created on my dedicated server. Does anyone know what this group/user is used for?
View 0 Replies
View Related
Nov 15, 2008
Currently I have
Umask 027
The problem is, how do I get the group to be set as apache on a file/dir upload? I really do not like having other permissions set, as it can be a security risk, allowing others to access someone else's files.
Another issue is, I can't remove privileges, but I can add them.
copy of proftpd.conf:
Code:
ServerName "FTP"
ServerType standalone
Port 21
PassivePorts 35000 35999
UseReverseDNS off
TimesGMT off
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600
#MaxCients 20 "Sorry, the maximum number of allowed users are already connected (%m)"
#MaxClientsPerHost 2
#MaxClientsPerUser 2
MaxConnectionsPerHost 6 "Sorry, you may not have more then 6 connections open at a time"
MaxHostsPerUser 6 "Sorry, you may not connect more than 6 times"
ScoreboardFile /var/run/proftpd/proftpd.pid
TransferLog /var/log/proftpd/xferlog.legacy
LogFormat default "%h %l %u %t "%r" %s %b"
LogFormat auth "%v [%P] %h %t "%r" %s"
LogFormat write "%h %l %u %t "%r" %s %b"
#DON'T modify this log format. Its used by DirectAdmin to determine user usage
LogFormat userlog "%u %b"
ExtendedLog /var/log/proftpd/IP.bytes WRITE,READ userlog
AuthUserFile /etc/proftpd.passwd
DefaultServer on
#AuthPAM off
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/proftpd.tls.log
TLSProtocol TLSv1
TLSVerifyClient off
TLSRequired off
#Certificates
TLSRSACertificateFile /etc/exim.cert
TLSRSACertificateKeyFile /etc/exim.key
#TLSCACertificateFile /etc/ftpd/root.cert.pem
</IfModule>
<Global>
DeferWelcome on
RequireValidShell no
DefaultRoot ~
DirFakeUser on ftp
DirFakeGroup on ftp
User ftp
Group ftp
#UserAlias anonymous ftp
AllowStoreRestart on
AllowRetrieveRestart on
ListOptions -a
Umask 027 022
DisplayLogin welcome.msg
DisplayChdir readme
AllowOverwrite on
IdentLookups off
ExtendedLog /var/log/proftpd/access.log WRITE,READ write
ExtendedLog /var/log/proftpd/auth.log AUTH auth
#
# Paranoia logging level....
#
#ExtendedLog /var/log/proftpd/paranoid.log ALL default
</Global>
Include /etc/proftpd.vhosts.conf
View 4 Replies
View Related
