Resellers cannot un-suspend accounts suspended by admin

max2000

Hi

One interesting problem I have with DirectAdmin is that sometimes I must suspend a website hosted on my server and created by a reseller.

However, the reseller can make the account work again without any further action.

It would be great if the reseller could no longer remove the suspension if it was enforced by the server admin.

Thank you
 

nobaloney

We've had a similar problem; the reseller didn't believe the site owner was a spammer, so didn't want the site suspended.

While I'd like to see this "fixed" if possible, we resolved the problem by letting the reseller know that if they unsuspended the account we'd have to suspend their account.

:rolleyes:

Jeff
 

max2000

Yes Jeff, we contact the resellers every time we suspend one of their customers, but sometimes they don't care and we end up suspending everyone.

I have an idea, maybe...

After suspending, I chown the suspended user account to root:root, so DirectAdmin can no longer create the public_html link.

What do you think about it?
 

Megalan-Robert

max2000 said:
> Yes Jeff, we contact the resellers every time we suspend one of their customers, but sometimes they don't care and we end up suspending everyone.
>
> I have an idea, maybe...
>
> After suspending, I chown the suspended user account to root:root, so DirectAdmin can no longer create the public_html link.
>
> What do you think about it?

In that case why not change the owner of the user to admin? There is a Perl script that does that for you, I believe it's called da_usertool.pl

The problem I faced was I suspended the user and did contact the reseller (by mail) but the user contacted the reseller by phone before he got a chance to read the mail and unsuspended a spammer.

It would be a nice feature though, a sort of "system suspend" that only the root can unsuspend again. I don't think it would be that hard to implement either.
 

max2000

I think my method of:

    chown -R root:root useraccount

is dangerous. As a result, the suspended user's scripts will end up with root rights! If the code were malicious, it will be even more damaging.
 

nobaloney

If you remove the "x" bit from the directory no process or user can read into the directory.

Don't forget to change it back later.

Jeff
 

resolveit

Hi, removing the x (execute bit) is a good idea but make sure you've suspended the user first... DA will rewrite the custom portion of the httpd.conf file to point to the suspended page and ban the user from logging in. Then you can remove the x-bit on /home/<username> and everything should work the way you want it :) The reseller cannot change the x-bit and unsuspending the user will cause major errors for the reseller, meaning that the reseller will have to contact you to resolve the issues...

I might even be tempted to write a plugin for this (also to keep track of the accounts suspended with the plugin and resuspend them as soon as they've been unsuspended :D).

Regards,
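
The suspend-then-remove-the-x-bit step described above, together with Jeff's reminder to change it back later, as an added shell example that is not part of the original posts and is not DirectAdmin code. The function names and the STATE_DIR location are assumptions; it expects GNU stat and is meant to be run as root after the account has been suspended in DA.

```shell
#!/bin/sh
# Added example: admin-side lock for a suspended account's home directory.
# STATE_DIR and all function names are assumptions, not DirectAdmin paths.
STATE_DIR="${STATE_DIR:-/root/admin-suspend-state}"

# lock_home DIR: save DIR's current mode, then clear every x (search) bit.
lock_home() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || { echo "not a real directory: $dir" >&2; return 1; }
    mkdir -p "$STATE_DIR" && chmod 700 "$STATE_DIR" || return 1
    state="$STATE_DIR/$(basename "$dir").mode"
    # Idempotent: a second call must not overwrite the saved mode
    # with the already-locked one.
    if [ ! -e "$state" ]; then
        stat -c %a "$dir" > "$state" || return 1   # octal mode, GNU stat
    fi
    chmod a-x "$dir"
}

# unlock_home DIR: restore the mode saved by lock_home and forget it.
unlock_home() {
    dir=$1
    state="$STATE_DIR/$(basename "$dir").mode"
    [ -f "$state" ] || { echo "no saved mode for $dir" >&2; return 1; }
    mode=$(cat "$state")
    # Accept nothing but an octal mode string from the state file.
    case $mode in
        ''|*[!0-7]*) echo "corrupt state file: $state" >&2; return 1 ;;
    esac
    chmod "$mode" "$dir" && rm -f "$state"
}

# is_locked DIR: succeeds when no x bit is set for owner, group or other.
is_locked() {
    mode=$(stat -c %a "$1") || return 2
    [ $(( 0$mode & 0111 )) -eq 0 ]
}
```

Running is_locked from cron over the saved state files is one way to notice a home directory whose mode has been changed back.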
 

max2000

You will NOT believe it!

The reseller managed to unsuspend himself and all his users!!!

How did he do it? Did he hack into my server?
 

nobaloney

On which directory did you remove the 'x' bit?

Are you saying you suspended the reseller and he was able to unsuspend himself?

If you suspend the reseller he shouldn't even be able to log into the server.

If this reseller is in violation of your Terms of Service (we recommend every hosting company have a "Terms of Service") you should possibly immediately change his password and your main server password.

If at that point he can still get access, or if you believe his actions are criminal then you may need to take other action.

Jeff
 