security problem - need help asap

**Silvernet_UK** · 11-28-2002, 07:11 AM

Hi,

I have been told about a 2 secuirty problems/holes on my dedi server I am running cpanel/whm 5.3-R56

These are the problems

I can see a list of all the domains we host, and I can view all the access logs for them and so can my clients when ftp'ing using USERNAME_logs. How do I stop this from displaying all the logs and just the logs for the user?

I can also been told that a user can see that on there domain there's an open directory called /java-sys/ . How do I close/lock this dir from displaying it the user ftp account?

Regards,
Garry

**silvernetuk** · 11-28-2002, 10:08 AM

Hi,

I have found out that the /java-sys/ folder is displayed when anyone type in http://www.domain-name.com/java-sys/ and it displays the dir listings, both Class and Java files anyone please help I need this sorted asap.

Regards,
Garry

**dgbaker** · 11-28-2002, 10:19 AM

[quote:c360537f7c][i:c360537f7c]Originally posted by silvernetuk[/i:c360537f7c]

Hi,

I have far found out that the /java-sys/ folder is displayed when anyone type in http://www.domain-name.com/java-sys/ and it displays the dir listings, both Class and Java files anyone please help I need this sorted asap.

Regards,
Garry[/quote:c360537f7c]

Put a .htaccess file in the directory /usr/local/cpanel/java-sys with the following in it

Options -Indexes

**silvernetuk** · 11-28-2002, 10:22 AM

Hi,

Thank you for that, what about the other problem with the logs ?

Regards,
Garry

**silvernetuk** · 11-28-2002, 10:24 AM

Hi,

I do not mean to be thick but how do I put the .htaccess in that folder this is the first time I have every had a dedi server and I know very little SSH could you do me a guide please ?

Regards,
Garry

**silvernetuk** · 11-28-2002, 02:11 PM

Hi,

I understand I have to log into root then type

cd /usr/local/cpanel/java-sys

but how do I put/make the .htaccess file ?
and then I put Options -Indexes in the .htaccess file

But how do I make the .htaccess file from fresh or how do I edit it if it already there ?

Regards,
Garry

**dgbaker** · 11-28-2002, 02:23 PM

You can use vi or pico.

In that directory type pico

Type in the info you want.

Hi ctrl+x then type yes
type in the filename .htaccess

Done

**Silvernet_UK** · 11-29-2002, 07:04 AM

Hi David,

Thank you for that, very much appreciated

Regards,
Garry
Silvernet UK Ltd.

Forums

Thread: security problem - need help asap

LinkBack

Thread Tools

security problem - need help asap

how do I make .htaccess file

Similar Threads

i got a major problem need help asap [moved]

Need Help ASAP , FTP Problem

Big problem with usrquota.Please help ASAP

subdomain problem..asap plz

Major Problem Need Help ASAP

cPanel & WHM

Enkompass

Help

Community

Company

Connect with Us