I have been told about a 2 secuirty problems/holes on my dedi server I am running cpanel/whm 5.3-R56
These are the problems
I can see a list of all the domains we host, and I can view all the access logs for them and so can my clients when ftp'ing using USERNAME_logs. How do I stop this from displaying all the logs and just the logs for the user?
I can also been told that a user can see that on there domain there's an open directory called /java-sys/ . How do I close/lock this dir from displaying it the user ftp account?