Banning I am being hosted by a friend and I have cpanel. I need to know how I can ban users from uploading gzip and gz files.
No one? Hmmm. I see so you don't know how to work your own product. Wow, never thought I would see the day.
the reason you have not had any responses is you are a little vauge with your question and the forums are for server administrators that run their own web servers with cpanel/whm ISTALLED. The question you asked would be best asked if you asked your web Host thats what you pay them for
What is 'your users" meant? You can prohibit thru your web application, but not to user who upload thru FTP
I appologize for my rude comment. Brought my work life into my personal life. But I know I should ask my host. I did but he has no clue. Ok this is the whole story: A friend of mine had a very popular website. Someone uploaded a .gz file that had a trojan and he took over his account and removed everything. Well I am hosting him now but I don't want that to happen again. So I need to find a way to not allow any .gz .gzip files on my account. I am not sure if that is something cpanel can do, or if that is something a .htaccess code could do. Again I am sorry for my rude comments earlier.
From what you say, it sounds like a gzipped file was somehow placed in the server's /tmp directory and then executed from there, probably by means of a known exploit in a web application such as phpBB. Your concern here is NOT gzipped files - these being legitmately uploaded in any form or fashion will not present you with any problems. The problem here is server security. In short, potentially vulnerable web applications should always be updated where possible to the latest known version and various pretty standard steps should be taken to prevent anything being executed from /tmp, or /var/tmp, that should not be. If you don't want a repeat of the previous issue, speak to your host about ensuring that the server on which the account is located is sufficiently hardened against such exploits.
I kind of thought that would be your answer. Thanks, and btw they use vbulletin. Not sure about any exploits with it since they are upgrading from 3.0.7 to 3.0.9 today. So hopefully the exploit will be removed with 3.0.7. Thanks for all your help.
