The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Few New User Questions

Discussion in 'Database Discussions' started by moFBush, Aug 31, 2006.

  1. moFBush

    moFBush Well-Known Member

    Joined:
    Dec 31, 2005
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    I'd like to see if I could get a few of my questions asnwered here on the cPanel Forums.

    First off I'm looking for a way to edit system files (any/all files) via something other than SSH -- I purchased CuteFTP Professional because it supports SecureFTP which from what I understand you're able to access the system with a root login via sFTP. For some reason my system isn't allowing me to access via sFTP with the root login. What am I doing wrong?

    Second, i've got installed "ConfigServer Security & Firewall - csf v2.21" which helps easily control ports that are open, IP's that need to be filtered and the security level of my machine. On the note of security, I have a question.. What is "phpsuexec" ? The ConfigServer software is telling me I should recompile Apache with it enabled and that I should know what it is before I do so.

    Third, along with the ConfigServer Software it also tells me to set a limit of how many emails can go out via "WHM > Tweak Settings > The maximum each domain can send out per hour" What is a good setting for this?

    Thank you very much for your time and support. I love the software you guys are developing it makes my life a LOT easier.

    Ken
     
  2. moFBush

    moFBush Well-Known Member

    Joined:
    Dec 31, 2005
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Well I solved one of my problems. I'm able to use SFTP now, I didnt realize it ran off of the SSH port which I changed from 22 to a different value.

    Someone please answer my other questions :rolleyes: :D :eek: :rolleyes:
     
  3. angelina_holy

    angelina_holy Well-Known Member

    Joined:
    Aug 6, 2006
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    On most Apache servers, PHP runs as an Apache Module. As such, it runs directly in the user Nobody, but doesn't require the execute flag.

    This means that in order to execute a PHP file, it simply needs to be world readable.
    The problem is that this allows every other users on the server to read your PHP files !

    Allowing other users to read your HTML files is not a problem, since they can be displayed in Internet Explorer. However, PHP files are not readable, they are parsed.

    Many scripts use a PHP file to store a database username and password. This means that on another server every client could read your PHP files, retrieve your password and access your databases.
    We did so by installing a module called PHPsuexec, which executes PHP scripts under your username.
    As such, instead of using everyone's permissions it uses the owner's permissions.
    You can thus change the permissions of your PHP scripts to : 0700 or 0400 and still be able to read and execute them. However, these scripts will no longer be accessible to any other users.
    fact, PHPsuexec will refuse to execute a script if it is world-writtable to protect you from someone abusing one of your scripts.


    2.The maximum mails to be send is 500
     
Loading...

Share This Page