My current hoster has a script ‘SiteLock’. Here is the description:
“Here you can enabled / disable the ‘SiteLock’. SiteLock changes all files on your hosting account to be read-only.
Locking your account protects it against malicious changes / hacking.
Locking your account also stops YOU from changing/uploading any files till you unlock the account”
Is there a similar script for Virtualmin?
Hello @Alexandr and welcome to the Virtualmin community.
The same result can be achieved via Virtualmin’s file manager with two clicks, so the answer to your question is yes and no.
Virtualmin does not tout this false sense of security as a feature; if a hacker or malware gets access to an account then the read only permission of files will delay the inevitable unauthorized access for about 5 seconds longer, so what’s the point of having this as a feature?
The correct use case for Site Lock is to prevent a user who is drunk from making random alterations to his files… that’s all it is good for.
I’d be curious how it’s implemented. What does it actually do when you “lock” the account?
Does it just change file permissions to read-only or set the immutable bit? The immutable bit would make the files untouchable by any user other than root, so that seems likely.
I think, yes, it is exactly immutable because the “normal” attributes of the files that I see via FTP do not change.