randyc

Registered
Mar 10, 2002
1
0
301
Is htere a way too setup a really secure cpanel demo account? Ive already disabled shell and of course CGI, but what else can i do to make it secure?

btw, nice forums. ive been browsin for about a year.
 

pkuk

Well-Known Member
Nov 16, 2002
65
0
156
Not sure, even disabling shell acess & CGI + setting a quota of 1MB will still allow things to run. Sure you can't set up an email account, but you can install a cart or a forum, even in demo mode, use with caution...

cPanel.net Support Ticket Number:
 

ciphervendor

Well-Known Member
Aug 26, 2002
1,052
0
166
People really don't need to be able to click links in a demo. Why not just create screenshots or static HTML pages? They work the same and I doubt you will loose customers over this.

cPanel.net Support Ticket Number:
 

Host4u2

Well-Known Member
Mar 24, 2002
248
0
316
Cpanel Demos

Create unreal-domain name account without CGI, Shell access and Turn on 'demo mode' for that account
-----

To disable email

Remove the domain entry from /etc/userdomains, and /etc/localdomains

Removing these entries will prevent anyone from sending mail from the demo account. They will still be able to go into Neomal they just won't actually be able to send anything.
-----

To disable ftp
Add username on

/etc/ftpusers

Description:
Deny FTP access. The ftpusers file is used to deny FTP access to specific users. The format is a simple text file listing the restricted users one per line.
-----

To disable cgi, SSI, To disable php, not allow calling website from IP address, Disable .htaccess

In /etc/httpd/conf/httpd.conf
<IfModule mod_userdir.c>
# UserDir public_html
UserDir disabled
</IfModule>

This will cause all hosting account on that server couldn't reach by http://IPADDRESS/~username/
This is quite important if you need to setup demo.

cPanel.net Support Ticket Number:
 

NiN

Active Member
Apr 30, 2003
29
0
151
Braga, Portugal
Re: Cpanel Demos

Originally posted by Host4u2
In /etc/httpd/conf/httpd.conf
<IfModule mod_userdir.c>
# UserDir public_html
UserDir disabled
</IfModule>
This should be done with or without demo accounts!
Only enable it for shared ssl hosts!

cPanel.net Support Ticket Number:
 

vabtz

Member
Jul 17, 2003
7
0
151
My solution for this also includes changing the ownership of the demo accounts home directory and all files included in it. Then changing the permissions so noone can install anything in there.

cPanel.net Support Ticket Number:

cPanel.net Support Ticket Number:
 

chadi

BANNED
Apr 20, 2004
415
0
166
Host4u2 said:
Create unreal-domain name account without CGI, Shell access and Turn on 'demo mode' for that account
-----

To disable email

Remove the domain entry from /etc/userdomains, and /etc/localdomains

Removing these entries will prevent anyone from sending mail from the demo account. They will still be able to go into Neomal they just won't actually be able to send anything.
-----

To disable ftp
Add username on

/etc/ftpusers

Description:
Deny FTP access. The ftpusers file is used to deny FTP access to specific users. The format is a simple text file listing the restricted users one per line.
-----

To disable cgi, SSI, To disable php, not allow calling website from IP address, Disable .htaccess

In /etc/httpd/conf/httpd.conf
<IfModule mod_userdir.c>
# UserDir public_html
UserDir disabled
</IfModule>

This will cause all hosting account on that server couldn't reach by http://IPADDRESS/~username/
This is quite important if you need to setup demo.

cPanel.net Support Ticket Number:

/etc/ftpusers file does not even exist for me. What should I do here?
 

chadi

BANNED
Apr 20, 2004
415
0
166
Also, I did all you said and attempted to send an email using "default" account for this demo enabled account. I used Horde and it sent the email (I did not receive the email but the relayers show as sent and so did Horde itself). Why?