domlogs

Not sure how that's being done?

Even using an account with SSH access privilages, I was not able to login with an FTP program and view the domlogs of any account, using the method you described.

 

That's normal to see them all but you should only be able to download your own. If your able to download others' logs then the permissions on the files are incorrect.

For the domainlogs it should be 640 with root:userid

 

Putting them on their own IP will not make a difference, cause all logs are stored in the same area.

I do not think you will be able to hide them. The directory needs to viewable by all to see their logs.

The only other option and it will be a big pain to you, is to modify httpd.conf and for his domain(s) change the location of his logs somewhere else. I don't really recommend doing that though as it will be a big pain in your ***.

I also though am not entirely sure where to modify the username_logs login id to point to a different area.

One other thought is modify as noted above but use a subdirectory in domlogs changing permissions only for root and the user. Again this though could become a support pain.


TO Anser your questions;

1. chmod 644 the domainlog files NOT the byte files
2. chown root:userid the domainlog files NOT the byte files

 

Notice though that this stops anyone from accessing any log in that folder including their own. This simply disables this feature.

 

I haven't tried CPanel 6 yet, but I hope they have reorganized things like this.

Why doesn't every domain have its own logs directory, so that when you ftp to it you end up in that domain's logs directory.

I don't see the logic of putting the logs for all clients on the server in 1 directory.

 

It also would not take much, a simple tweak of wwwacct would do this automatically. I may even try it on one of our servers to see.

Make it so the structure is /domlogs/domainname/files

 

Or better domlogs/username/files
The problem as always are subdomains...

 

Alright, now I feel like I'm missing out on something.

Why is that some setups can do this and some not? Does it have to do perhaps, with which version of WHM one is using -- I, for example, use 5.3 E133. Or is it from some other option to do with setup of WHM and/or FTP?

 

Well I got to work by doing some modifications to wwwacct.

Now for the BUT! But, here is the issue, all the stats programs fail and raw download ends up blank.

 

More to the point, I don't want anyone going through the touble of trying something here, I wondering if this is some how a default setup or if changes were made on purpose to allow it -- thread starter didn't mention this.

I don't see why anyone would &want& a setup like this and if done by default, I would like to know how to turn it off. My WHM install was done by my DC and I'm not sure what they did.

 

Rob;

All my servers are on the same version as you and any user was able to ftp in using username_logs and see everyone elses log domain logs. I as well had the servers setup by the NOC and even when I hosted with other companies in the past this was an issue.

 

Thanks for the info, David. Presuming this is not so simple as being dependant upon which FTP program is used -- and the fact that I was not aware of this (security bug?) until now, with my own Server -- it leaves to me think it must have something to do with either of:

settings for 'rhosts' (which I've disallowed) and/or PHP safemode (which I've turned on).

Any thoughts?

I mean, I'm glad this cannot happen on my Server and would like to know how/why so I can always make sure it is done this way.

 

I really don't know, I do know it has nothing to do with the ftp software either client side or server side. Are you on RH8 by any chance? or 7.3?

I take it that when you try this on your server you see only that users particular logs?

 

I'm using 7.3 and I get nothing. I've tried with two different FTP programs and this is all I get:

Here is an excerpt:

~ Connecting...
~ Connected to xx.xx.xx.xx, waiting for response...
& 220 ProFTPD 1.2.4 Server (ftp.domain.com) [xx.xx.xx.xx.]
& USER xxxxxxxx_logs
& 331 Password required for xxxxxxxx_logs.
& PASS *****
& 230 User xxxxxxxx_logs logged in.
& 257 &/& is current directory.
~ Login completed.

Directory is blank and I cannot go anywhere.

Do you, David, or anyone with this problem, allow &rhosts& and have PHP SafeMode turned off? Just looking to compare apples to apples as much as possible.