How to blocking website

Posted June 6, 2017 2.3k views

hi, i have shared ssh account and someone use it for illegal activity on some site, how to block the site so my member can’t access on it?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hi @gregoriusrahadi21

Does the user account have sudo access - or is it the user root - if that’s the case, then anything could have been installed or changed, meaning your server quite possibly has been compromised. In that case I would probably recommend reinstalling the entire server and manually go thru everything you copy over.

If the user only had access to limited parts of the system, then you can remove the public key from /home/USERNAME/.ssh/authorized_keys or /root/.ssh/authorized_keys.
If you’re using the same user account and the key, then you first need to generate a new key and then when you login with the new key, then you can remove the previous key.

  • The user doesn’t have access on root, just create in /bin/false. Just an account for SSH and VPN tunneling. But they use it for illegal activities and digitalocean often send me an complaint email

    • @gregoriusrahadi21
      Okay, simply remove the user - or the public key from /home/USERNAME/.ssh/authorized_keys. If you remove the public key, you need to disconnect the user, if the user is already connected, since SSH doesn’t read the authorized_keys until next login.

      • But unfortunately I don’t know who user that use it for illegal activities, so I decided to block the site that sent me a complaint

        • @gregoriusrahadi21
          Okay, if you run a VPN service for other users, then you need to log the activity for the user, so you can close down service for those users instantly.
          Remember that you’re legally responsible, so if someone does bad things that ends up reported to the police, then you might get into very serious problems.
          Or you might end up being suspended from DigitalOcean.