Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

a security question

Discussion in 'Security' started by mahdionline, Aug 9, 2004.

  1. mahdionline

    mahdionline Well-Known Member

    Joined:
    Oct 18, 2003
    Messages:
    127
    Likes Received:
    0
    Trophy Points:
    166
    Hi

    if a folder or root directory havnot a index page, when a user call that domain or folder , it see the list of files in that folder. :(


    what can i do to avoid displaying the files in any folder that havenot an index page. !

    Regard
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,470
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. eazistore

    eazistore Well-Known Member

    Joined:
    Nov 7, 2003
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Singapore
    Hi mahdionline,

    I suggest you to disable some php functions.
    Add the following line in your php.ini should work:

    (locate at /usr/local/lib/php.ini if you are using cpanel)
    disable_functions =
    dl,exec,passthru,proc_open,proc_close,shell_exec,system,popen

    then restart your httpd.

    But please be warn. If any php scripts stop working, you can edit this line dl,exec,passthru,proc_open,proc_close,shell_exec,system,popen to tune it.

    I have help a friend with that and also, when I try to use your mention script to call via http, it shows error. Try it and you shall see the result.

    Lastly,
    Please make a backup copy of your php.ini
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    168
    I think you meant to post this in his other thread (#2).

    This is a noindex issue.
     
  5. eazistore

    eazistore Well-Known Member

    Joined:
    Nov 7, 2003
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Singapore
    Oh yes, this should be posted in the other thread (2).
    My mistakes... sorry :(
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. mahdionline

    mahdionline Well-Known Member

    Joined:
    Oct 18, 2003
    Messages:
    127
    Likes Received:
    0
    Trophy Points:
    166
    Hi

    I'm confused :

    I see , we have two httpd.conf on our server :

    usr/local/apache/conf/httpd.conf
    and
    etc/httpd/conf/httpd.conf

    Which one is master file ?
    I add -Indexes to my /usr/local/apache/conf/httpd.conf file and then restart apache from whm, but the problem donot solved and still i can the contain of a folder that havnot index page.
    Regard
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 mahdionline, Nov 24, 2004
    Last edited: Nov 24, 2004
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,470
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    They're the same file - the directory above is a symlink.

    You should follow the thread I posted in my reply.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice