Go Back   cPanel Forums > cPanel® and WHM® (for Linux® and FreeBSD® Servers) > cPanel and WHM Discussions
cpanel apache directory cpanel apache directory
Register FAQ Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 06-09-2009, 09:32 PM
Registered User
  
Join Date: Apr 2009
Posts: 36
liang3391 is on a distinguished road
cpanel apache directory
cpanel apache directory absolutely not locked, although users can not be cross-directory access, users can access other directories, or may be accessed through other webshell directory.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 06-10-2009, 10:18 AM
chirpy's Avatar
Moderator
  
Join Date: Jun 2002
Location: Go on, have a guess
Posts: 13,495
chirpy will become famous soon enough
It's perfectly normal in a shared hosting environment that users can view some directories and files outside of their web root. It's the responsibility of the server administrator to user linux file permissions and ownerships to protect anything that might be sensitive.

One obvious example is to ensure that you always have suPHP compiled into the Apache build (and suEXEC enabled) so that web scripts don't run under the common nobody account, but the individual user accounts.
__________________
Jonathan Michaelson
cPanel Forum Moderator

Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 06-10-2009, 08:38 PM
Registered User
  
Join Date: Apr 2009
Posts: 36
liang3391 is on a distinguished road
cpanel
I open the server to the user of ssh, such an environment the user can not view the users directory, but in addition users can view other than the directory would create safety hazards. Webshell to the outside world through the invasion. Absolute lock users can reduce the safety hazard
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Brute force | cPanel 11.24 DNS API - editdns missing »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache conf.d directory missing Help nadeem1973 cPanel and WHM Discussions 0 03-17-2008 05:39 AM
How to forward apache domlogs to another directory E-dentify cPanel and WHM Discussions 1 01-27-2005 09:31 AM
Configure apache to look in user directory tracym cPanel and WHM Discussions 8 03-27-2004 02:59 PM
restricting access in one directory into cpanel directory manokiss Themes and Branding 2 11-25-2002 12:06 AM
Switching apache directory listings off flashhosts cPanel and WHM Discussions 2 10-18-2002 05:52 AM


All times are GMT -5. The time now is 12:05 AM.


Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
© cPanel Inc