The possibility to access sites via IP/~USERNAME is enabled by default in DirectAdmin. If you want to disable this feature use:
# cd /usr/local/directadmin/custombuild # ./build set userdir_access no # ./build rewrite_confs
On our test server, the process is:
[root@web ~]# cd /usr/local/directadmin/custombuild [root@web custombuild]# ./build set userdir_access no ./build set userdir_access no Changed userdir_access option from yes to no [root@web custombuild]# ./build rewrite_confs Checking to ensure /etc/httpd/conf/ssl.crt/server.ca is set. Using 220.127.116.11 for your server IP Installing Comodo Rule Set for ModSecurity... Updating to latest CWAF client version current version is up to date update process finished! Defaulting to Comodo WAF SecDefaultAction... Installation of ModSecurity Rule Set has been finished. PHP has been secured. Restarting php-fpm74. Restarting php-fpm73. Restarting php-fpm70. Restarting php-fpm80. Defaulting to Comodo WAF SecDefaultAction... Restarting apache. [root@web custombuild]#
Notice that after the change, a 404 NOT Found error will be issued when trying to access the site via IP/~USERNAME or via HOSTNAME/~USERNAME.
Disable the ~username method