Knowledge Base
MilesWeb / DirectAdmin, How-Tos, Web Hosting FAQ

How to Block DirectAdmin Commands for Users?

Approx. read time : 3 min

Server administrators exercise the ultimate authority over a hosting server. They can even grant or deprive the user accounts of some of that authority. Admins of DirectAdmin servers can exercise this power as they can block some of the commands that users can run.

With SSH Access, Admins can:

Block DirectAdmin Commands for all the User Accounts

The never_commands setting in /usr/local/directadmin/conf/directadmin.conf file will block commands globally and for all the users on the server.

The syntax to block commands with the never_commands setting:

For example,

It will block the commands to create new admin accounts.

 

For the command to take effect, restart DirectAdmin:

 

Block the DirectAdmin Commands for Specific Users.

For specific users, blocking commands requires a bit of preparation.

1. Create files commands.allow and commands.deny. These files are very similar to the CSF files – csf.allow and csf.deny.

Let’s see what to put in these files-

  • commands.allow: The DirectAdmin commands that the user is allowed to use.
  • commands.deny: The DirectAdmin commands you want to deny/block for the user.
Rules to Create the commands.allow and commands.deny Files
  1. Enter one command per line.
  2. If a command is present in both commands.allow and commands.deny files, the user is allowed to use the command.
  3. If the commands.allow file is empty, i.e. there are no commands in it, the system will block every command for the user.
  4. Users cannot use the commands exceeding their access level even after adding them to commands.allow.

The moment a user tries to execute a command you have denied or blocked, DirectAdmin will give an error message.

Here are the links where you can find all the DirectAdmin commands:

https://www.directadmin.com/api.html
https://www.directadmin.com/search_versions.php?help=no&versions=yes&query=CMD_API_
https://www.directadmin.com/search_versions.php?help=no&versions=yes&query=CMD_ 

You can block these commands globally or for a specific user on your DirectAdmin server.

Prasad Khartadkar
Prasad is a business grad specialized in Marketing. He has garnered experience as a technical content writer and a digital marketer that he brings out in his work. He likes reading classics and travel in his free time.