The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

domlogs

Discussion in 'General Discussion' started by silvernetuk, Feb 4, 2003.

  1. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Hi,

    Can someone tell me if I got this right

    At current clients can going to to the domlogs folder via ftp with username as USERNAME_logs

    Is it right if I chmod the domlogs folder to 711 it hides everything when ftp'ing in as USERNAME_logs

    Regards,
    Garry
     
  2. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Not sure how that's being done?

    Even using an account with SSH access privilages, I was not able to login with an FTP program and view the domlogs of any account, using the method you described.
     
  3. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Hi,

    basicly what I am getting if I log into ftp use USERNAME_logs it goes into a directory / and that display all the log files

    Regards,
    Garry
     
  4. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    That's normal to see them all but you should only be able to download your own. If your able to download others' logs then the permissions on the files are incorrect.

    For the domainlogs it should be 640 with root:userid
     
  5. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Hi,

    I did want to hide them if possible, as I have a client saying they don't want other people to know his sub-domains, what I do fine a bit funny, the only other thing is I could put them on there own ip address, if I had to.

    As for the chmod of these log files.

    Do I chmod the files to 640 and how do I set the root:userid or the whole folder ?
     
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    Putting them on their own IP will not make a difference, cause all logs are stored in the same area.

    I do not think you will be able to hide them. The directory needs to viewable by all to see their logs.

    The only other option and it will be a big pain to you, is to modify httpd.conf and for his domain(s) change the location of his logs somewhere else. I don't really recommend doing that though as it will be a big pain in your ***.

    I also though am not entirely sure where to modify the username_logs login id to point to a different area.

    One other thought is modify as noted above but use a subdirectory in domlogs changing permissions only for root and the user. Again this though could become a support pain.


    TO Anser your questions;

    1. chmod 644 the domainlog files NOT the byte files
    2. chown root:userid the domainlog files NOT the byte files
     
  7. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Hi,

    Thank you David will do that in the morning now, I do remeber on my old dedi server chmod the domlogs folder to something and that hide them all when ftp'ing in as USERNAME_logs will search the CPanel Forum again tomorrow just in case I missed something.

    Regards,
    Garry
     
  8. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Hi,

    This is the thread I belive
    http://216.118.116.105/read.php?TID=5001

    about chmod the domlogs folder to 711

    Regards,
    Garry
     
  9. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    Notice though that this stops anyone from accessing any log in that folder including their own. This simply disables this feature.
     
  10. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Hi,

    Yes I did notice that, not so good but maybe the easiest way to get around it, but will chmod and chown the logs see if any of my clients say anything, if they do I will have to chmod the folder to 711 and hide everything.

    Regards,
    Garry
     
  11. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I haven't tried CPanel 6 yet, but I hope they have reorganized things like this.

    Why doesn't every domain have its own logs directory, so that when you ftp to it you end up in that domain's logs directory.

    I don't see the logic of putting the logs for all clients on the server in 1 directory.
     
  12. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    It also would not take much, a simple tweak of wwwacct would do this automatically. I may even try it on one of our servers to see.

    Make it so the structure is /domlogs/domainname/files
     
  13. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Or better domlogs/username/files
    The problem as always are subdomains...
     
  14. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Alright, now I feel like I'm missing out on something. ;)

    Why is that some setups can do this and some not? Does it have to do perhaps, with which version of WHM one is using -- I, for example, use 5.3 E133. Or is it from some other option to do with setup of WHM and/or FTP?
     
  15. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    Well I got to work by doing some modifications to wwwacct.

    Now for the BUT! But, here is the issue, all the stats programs fail and raw download ends up blank.
     
  16. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    More to the point, I don't want anyone going through the touble of trying something here, I wondering if this is some how a default setup or if changes were made on purpose to allow it -- thread starter didn't mention this.

    I don't see why anyone would &want& a setup like this and if done by default, I would like to know how to turn it off. My WHM install was done by my DC and I'm not sure what they did.
     
  17. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    Rob;

    All my servers are on the same version as you and any user was able to ftp in using username_logs and see everyone elses log domain logs. I as well had the servers setup by the NOC and even when I hosted with other companies in the past this was an issue.
     
  18. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Thanks for the info, David. Presuming this is not so simple as being dependant upon which FTP program is used -- and the fact that I was not aware of this (security bug?) until now, with my own Server -- it leaves to me think it must have something to do with either of:

    settings for 'rhosts' (which I've disallowed) and/or PHP safemode (which I've turned on).

    Any thoughts?

    I mean, I'm glad this cannot happen on my Server and would like to know how/why so I can always make sure it is done this way. :)
     
  19. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    I really don't know, I do know it has nothing to do with the ftp software either client side or server side. Are you on RH8 by any chance? or 7.3?

    I take it that when you try this on your server you see only that users particular logs?
     
  20. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    I'm using 7.3 and I get nothing. I've tried with two different FTP programs and this is all I get:

    Here is an excerpt:

    ~ Connecting...
    ~ Connected to xx.xx.xx.xx, waiting for response...
    & 220 ProFTPD 1.2.4 Server (ftp.domain.com) [xx.xx.xx.xx.]
    & USER xxxxxxxx_logs
    & 331 Password required for xxxxxxxx_logs.
    & PASS *****
    & 230 User xxxxxxxx_logs logged in.
    & 257 &/& is current directory.
    ~ Login completed.

    Directory is blank and I cannot go anywhere.

    Do you, David, or anyone with this problem, allow &rhosts& and have PHP SafeMode turned off? Just looking to compare apples to apples as much as possible.
     
Loading...

Share This Page