Hi, I have a shared SSH account and someone used it for illegal activity on some site. How can I block the site so my members can’t access it?
Does the user account have sudo access, or is it the root user? If that’s the case, then anything could have been installed or changed, meaning your server has quite possibly been compromised. In that case I would probably recommend reinstalling the entire server and manually going through everything you copy over.
If the user only had access to limited parts of the system, then you can remove the public key from /home/USERNAME/.ssh/authorized_keys or /root/.ssh/authorized_keys.
If you’re using the same user account and the key, then you first need to generate a new key, and then, when you log in with the new key, you can remove the previous key.
https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-putty-on-digitalocean-droplets-windows-users
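The rotation order described in the answer above (install the new key first, then remove the old one), as an added shell example that is not part of the original answer. `revoke_key` is a hypothetical helper name; it matches on the key blob rather than the editable comment, keeps a `.bak` copy, and refuses to remove the last remaining key so you cannot lock yourself out.

```shell
#!/bin/sh
# Added example (not from the original answer): revoke one public key
# from an authorized_keys file.
# Usage: revoke_key /home/USERNAME/.ssh/authorized_keys old_key.pub
# Exit codes: 0 removed, 1 refused (no other key left), 2 I/O error,
#             3 key not present as an active entry.
revoke_key() {
    auth_file=$1; pub_file=$2

    # Field 2 of a .pub file is the base64 key blob. Match on it, because
    # the trailing comment (user@host) can be edited freely.
    blob=$(awk '{ print $2; exit }' "$pub_file")
    [ -n "$blob" ] || { echo "no key blob in $pub_file" >&2; return 2; }

    # Count active (non-comment, non-blank) entries that stay and that go.
    # Comparing whole fields also handles entries with an options prefix
    # such as command="..." in front of the key type.
    counts=$(awk -v b="$blob" '
        /^[ \t]*(#|$)/ { next }
        { hit = 0; for (i = 1; i <= NF; i++) if ($i == b) hit = 1
          if (hit) gone++; else kept++ }
        END { print kept + 0, gone + 0 }' "$auth_file")
    kept=${counts% *}; gone=${counts#* }

    if [ "$gone" -eq 0 ]; then
        echo "key not present in $auth_file" >&2; return 3
    fi
    if [ "$kept" -eq 0 ]; then
        echo "refusing: no other key would remain in $auth_file" >&2; return 1
    fi

    # cp -p keeps owner and mode, so sshd can still read the result.
    cp -p "$auth_file" "$auth_file.bak" || return 2
    cp -p "$auth_file" "$auth_file.new" || return 2
    awk -v b="$blob" '{ for (i = 1; i <= NF; i++) if ($i == b) next; print }' \
        "$auth_file" > "$auth_file.new" || return 2
    # Rename within the same directory so the switch is a single step.
    mv "$auth_file.new" "$auth_file"
}
```

Confirm a fresh login with the new key in a second terminal before closing the session you ran this from.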
Heya,
I’m sorry to hear that you’ve experienced this. Unfortunately, it is not uncommon for accounts to get compromised and later used for malicious activity.
Here are the steps you can take to block access to the specific website while maintaining the integrity of your SSH account:
The first and most crucial step is to change the password for your SSH account to prevent unauthorized access.
Find out which website the unauthorized activity is taking place on. You may need to review logs or reports to identify the specific site.
If you have control over the server’s firewall or router, you can create Access Control Lists (ACLs) to block traffic to the specific website. This can be done using tools like iptables on Linux. However, this may require administrative access to the server or router.
If the illegal activity is taking place on a website you don’t control, consider contacting the website administrator or the Internet Service Provider (ISP) responsible for hosting the website. Report the issue and provide any relevant information.
Strengthen the security of your SSH account by enforcing stronger passwords, using key-based authentication, and regularly monitoring access logs.
Evaluate whether you should continue sharing the SSH account. It might be more secure to restrict access to trusted individuals or consider alternative access control mechanisms.
Remember that taking swift action is crucial to prevent further illegal activities and protect yourself from potential legal issues. If you’re unsure about any of these steps, consider seeking the assistance of our support team, here in the community or a third party.
Hope that this helps!