Restrict Console Device Access
The default system configuration grants the console user enhanced privileges
normally reserved for the root user, including temporary ownership of most system devices.
If not necessary, these privileges should be removed and restricted to root only.
Restrict device ownership to root only.
Edit /etc/security/console.perms.d/50-default.perms and locate the section prefaced by the following comment:
# permission definitions
Prepend a # symbol to comment out each line in that section which starts with [console] or [xconsole]
Edit /etc/security/console.perms and make the following changes:
[console]=tty[0-9][0-9]* vc/[0-9][0-9]* :0\.[0-9] :0
[xconsole]=:0\.[0-9] :0
Mount and Access NTFS Partition
NTFS-3G is an open source cross-platform implementation of the Microsoft Windows NTFS file system with read-write support. NTFS-3G often uses the FUSE file system interface, so it can run unmodified on many different operating systems. It is runnable on Linux, FreeBSD, NetBSD, OpenSolaris, and Mac OS X.
On Ubuntu / Debian
ubuntu@server3:~$ apt-cache search ntfs-3g
libntfs-3g-dev - ntfs-3g filesystem in userspace (FUSE) library headers
libntfs-3g79 - ntfs-3g filesystem in userspace (FUSE) library
ntfs-3g - read-write NTFS driver for FUSE
ntfs-config - Enable/disable write support for any NTFS devices
Usage
If there was no error during installation then the NTFS volume can be mounted in read-write mode for everybody as follows. Unmount the volume if it had already been mounted, replace /dev/sda1 and /mnt/windows, if needed.
mount -t ntfs-3g /dev/sda1 /mnt/windows
Please see the NTFS-3G Manual for more options and examples.
You can also make NTFS to be mounted during boot by adding the following line to the end of the /etc/fstab file:
/dev/sda1 /mnt/windows ntfs-3g defaults 0 0
How to restore your SSH access using WHM Autofixer
If you are locked out and can’t SSH to your server, WHM Autofixer may help you!
Here is process to restore SSH settings and access.
1. Login to your WHM using the following URL:
https://HOSTNAME-OR-IP:2087/scripts2/autofixer
Change the HOSTNAME-OR-IP as appropriate for you.
2. In the Autofixer interface, put the name safesshrestart as shown on the image.
WHM SSH Autofixer
3. Hit the Submit button.
This will restore your SSH configuration and restart your sshd! You should be able to login easily after that!
Block an IP from access to your server with IPtable
Use the command netstat -n command to see the IP addresses connected to your server. Once you have found the IP address you want to block you can use the following below command to block them from accessing your server using iptables.
-I INPUT 1 means to insert the rule at the top of the INPUT table (which means it will get looked at first)
-s IP-ADDRESSS is the source address of the packets we want to deal with
-j DROP means dump the packets into the void, and forget they ever happened.
iptables -I INPUT 1 -s IP-ADDRESSS -j DROP
Limit SSH access By IP Address
Secure your server more, and prevent brute force attacks, you can limit SSHd to certain IP addresses by manipulating the /etc/hosts.allow file and the /etc/hosts.deny file.
Open /etc/hosts.allow
Use the following command to open the hosts.allow file:
Once this file is open, add the following line:
Open /etc/hosts.deny
Use the following command to open the hosts.deny file:
Once it opens, add the following line to the file:
Save and exit, and you have successfully limited SSH access by IP address.
