A
Andrew D
Guest
Hi,
I'm running Plesk V10.2.0 on an Ubuntu VPS provided by webfusion.
Everything seems to be working well, however in my Service Plans I've set under the "Permissions" tab -> "Management of access to the server over SSH" to "Not Allowed".
This is great, as if a user does attempt to login via SSH, they get logged out again, however if that user logs into Plesk to administer their domain, they can overwrite this setting, OK they get a few warnings but they are able to go through the process and even choose their login shell giving them access to my entire server.
So you may think, well, limit access via the Firewall.. My idea exactly, however trying to active my firewall configuration I get the error block below
==============================================================================
safeact: safeact: /opt/psa/var/modules/firewall/firewall-new.sh failed:
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
FATAL: Module ip6_tables not found.
ip6tables v1.4.4: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
proc_close() failed: Undefined index: PLESK_DEBUG_SQL
===============================================================================
If I've missed something, then if someone can point my in the right direction I'd be very grateful!
Otherwise I find this very concerning because my users have the ability to overwrite my security measures and gain access to my server.
Thanks,
Andrew
I'm running Plesk V10.2.0 on an Ubuntu VPS provided by webfusion.
Everything seems to be working well, however in my Service Plans I've set under the "Permissions" tab -> "Management of access to the server over SSH" to "Not Allowed".
This is great, as if a user does attempt to login via SSH, they get logged out again, however if that user logs into Plesk to administer their domain, they can overwrite this setting, OK they get a few warnings but they are able to go through the process and even choose their login shell giving them access to my entire server.
So you may think, well, limit access via the Firewall.. My idea exactly, however trying to active my firewall configuration I get the error block below
==============================================================================
safeact: safeact: /opt/psa/var/modules/firewall/firewall-new.sh failed:
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
FATAL: Module ip6_tables not found.
ip6tables v1.4.4: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
proc_close() failed: Undefined index: PLESK_DEBUG_SQL
===============================================================================
If I've missed something, then if someone can point my in the right direction I'd be very grateful!
Otherwise I find this very concerning because my users have the ability to overwrite my security measures and gain access to my server.
Thanks,
Andrew