File Manager Data Error

[ruzbehraja]

http://forums.cpanel.net/f5/bug-rep...-file-ends-m-control-m-157537.html#post661521

Hi,

In addition to the reason in that earlier thread, i notice that the file manager gives the Data Error, when the .htaccess file is set to permission 000.

the problem disappears once you reset the htaccess permission back to 644.
But this requires to be done through FTP, since the File Manager wont open any folders.

Probably something to do with the explanation given here:
http://forums.cpanel.net/f5/file-manager-shows-data-error-166210.html#post694086

If some cpanel staff member can throw some light on why this happens, it would be great.

 

[Infopro]

I'm unclear on which problem you're having. You've got a file name causing an issue and can't get in to fix it due to permissions on your htaccess file?

 

[ruzbehraja]

Not really.

A users site had been compromised by a gumblar type ftp password theft. The htaccess had been modified and was redirecting traffic from his site.

The user did not want the files deleted from the public_html, for further investigation, and only wanted the permissions of all the compromised files set to 000 to lock them down from public view.

When I reset the permissions of htaccess to 000, the File Manager stopped working (it showed Data Error).

Hope its clear now.

 

[cPanelTristan]

Hello,

If you believe there is an issue with File Manager in this instance, please submit a bug report as well so that our developers are aware of the issue. Relaying information on the forum would be useful, but it is even more useful for bug reports to be submitted by customers when they find a product defect. The report option is available at the top of the forum, or using http://go.cpanel.net/bugs

Thanks!

 

[ruzbehraja]

Yes, but I wasn't sure about whether this is a bug or is it normal behavior, but I will open a bug report.

The main question was that:
Is File Manager supposed to be affected by changes to the users .htaccess file?


Thanks for the input anyway.

 

[Infopro]

Is File Manager supposed to be affected by changes to the users .htaccess file?

No, not that I'm aware of.

 

[ruzbehraja]

I did open a bug report with cpanel and this is what they said:

I have opened a case with development in regards to this to see if we can not allow File Manager to look at .htaccess when permissions are set to 000. The internal ID number is #56323. Once this is fixed it will reflect in the cPanel ChangeLog at Change Logs or you can check with us from time to time for the status.

I am wondering whether this can be misused, if the htaccess is compromised or manipulated, although I dont see any apparent method.

Thoughts welcome.

 

[cPanelTristan]

If someone gains access to your account to modify files such as .htaccess, you would have far more to worry about beyond File Manager not working due to .htaccess being set to 000 permissions.