Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Disable safesshrestart

Discussion in 'Security' started by flashweb, Oct 15, 2011.

  1. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    253
    Likes Received:
    2
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    168
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    What exactly the issue you're having ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    253
    Likes Received:
    2
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    This is for added security. I bind ssh to private network. So even if my root password get key logged (less chance) i don't want want anyone reset ssh through WHM and bind it to public network.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    168
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Why just don't add your IP in /etc/hosts.allow for SSH and deny anything else in /etc/hosts.deny ?

    After that you can chattr +ia /etc/hosts.deny and /etc/hosts.allow and as a result there's nobody can reset ssh except from SSH ONLY.

    BTW, That's what I'm on now, The same way.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. flashweb

    flashweb Well-Known Member

    Joined:
    Mar 13, 2003
    Messages:
    253
    Likes Received:
    2
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Can you provide example of /etc/hosts.allow, never used this before :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. ModServ

    ModServ Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    332
    Likes Received:
    5
    Trophy Points:
    168
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    Sample of allow:
    Sample of deny:

    Those settings will allow login to SSH only with this IP xx.xx.xx.xx and will deny anything else.

    Of course resetting SSH will override these settings, In that case you should chattr those files

    PHP:
    chattr +ia /etc/hosts.allow
    chattr 
    +ia /etc/hosts.deny
    Hope that helps.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice