How to disable access to http://[ip or hostname]/~username

By default, on a DirectAdmin server, user accounts are reachable at http://hostname/~username and http://IP/~username. This lets a third party find out the actual username of a user on the server, so you might want to disable this option.

To disable “~username” access:

1. Connect to your DirectAdmin server with SSH

2. Run the three commands:

cd /usr/local/directadmin/custombuild
./build set userdir_access no
./build rewrite_confs

Output example from a test server:

[root@web /]# cd /usr/local/directadmin/custombuild
[root@web custombuild]# ./build set userdir_access no
Changed userdir_access option from yes to no
[root@web custombuild]# ./build rewrite_confs
Checking to ensure /etc/httpd/conf/ssl.crt/server.ca is set.
Using xx.xx.xx.xx for your server IP
Installing Comodo Rule Set for ModSecurity...
Updating to latest CWAF client version
current version is up to date
update process finished!
Copying custom ModSecurity rules to /etc/modsecurity.d/...
Defaulting to Comodo WAF SecDefaultAction...
Installation of ModSecurity Rule Set has been finished.
PHP has been secured.
Restarting php-fpm74.
Restarting php-fpm80.
Copying custom ModSecurity rules to /etc/modsecurity.d/...
Defaulting to Comodo WAF SecDefaultAction...
Restarting apache.
[root@web custombuild]#

With the new settings, any attempt to access /~username returns a 404 Not Found HTTP error.
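
To confirm the change on your own server, the following added example (not part of the original article or of DirectAdmin) requests /~username/ for accounts you own and reports whether each one returns the 404 described above. The function names and the handling of status codes other than 404 are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify that ~username access is disabled after rewrite_confs.
# Usage: ./check_userdir.sh HOST_OR_IP username [username ...]

# Map the HTTP status of a /~username/ request to a verdict.
# Per the article, a disabled userdir answers 404 Not Found.
# Treating 2xx/3xx/401/403 as "still-served" is this example's assumption.
userdir_verdict() {
    case "$1" in
        404) echo "disabled" ;;
        000) echo "unreachable" ;;          # curl could not get a response
        2??|3??|401|403) echo "still-served" ;;
        *) echo "unknown" ;;
    esac
}

# Print only the HTTP status code for http://HOST/~USER/
probe_userdir() {
    curl -s -o /dev/null -m 10 -w '%{http_code}' "http://$1/~$2/"
}

# Check every listed user on one host; return 0 only if all are disabled.
check_userdir() {
    host=$1; shift
    rc=0
    for user in "$@"; do
        code=$(probe_userdir "$host" "$user") || true
        verdict=$(userdir_verdict "$code")
        printf '%s\t~%s\tHTTP %s\t%s\n' "$host" "$user" "$code" "$verdict"
        [ "$verdict" = "disabled" ] || rc=1
    done
    return $rc
}

# Run the check only when a host and at least one username are given.
if [ "$#" -ge 2 ]; then
    check_userdir "$@"
fi
```

Run it once with the server hostname and once with the server IP, since both forms were reachable before the change.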


Sometimes, users access the ~username/ address to test their site before the nameserver changes have propagated. To work around the absence of this option, you can use the hosts file on your computer. Edit the hosts file and temporarily add:

server-IP domain.com www.domain.com

Example:

11.22.33.44 plothost.com www.plothost.com
