The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to Install script to IP, securely?

Discussion in 'General Discussion' started by InDeep, Jun 4, 2011.

  1. InDeep

    InDeep Member

    Joined:
    Feb 28, 2006
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Looking for a push in the right direction, hoping someone can give me their .02

    I am running CentOS with cPanel on a dedicated box that is in production with clients. I bought a script called Scriptcase. I have used Easy Apache to build Apache. I have 24 ip's to this box and probably 12 or so that are not in use. I posted this question on the forums over there but I dont think that it is really their department.

    I need (Want?) to install it on my dedicated box so I can access it regardless of what computer I am on or where I am. I am wanting to install it to an IP instead of a domain name and a random port. It makes me nervous though because if the bad guys get in, its pretty much game over.

    It requires permissions to be 777 and I run suphp for the clients and hosting. Scriptcase is just going to be for my use and I was figuring I would Deny all and then just allow my IP at home. My problem is that I dont think I could sleep well at night knowing I have a script installed with permissions like that.

    Is there a safe way to go about running a script like this on a production box?
    If there is a safe way, can someone give me a shove in the right direction on how I would configure Apache?

    I have read up here Changes Contained within a VirtualHost Directive I am still confused on if there is a safe route and if there is, what method I should use.

    Appreciate anyones thoughts on this!
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    On suPHP, any PHP script will not function with permissions 777 regardless. The script might require it on DSO, but it will not require 777 permissions under suPHP if it is a PHP-based script. You can run it with 755 and 644 file permissions and because the script will run as the user of the account, it will still run properly in PHP. If the script is not PHP-based, then suPHP or DSO PHP handlers don't matter in the permissions you set on the files.

    If you only allow your IP to access the script, then there isn't any way for anyone else to load the pages for the script. Additionally, you could use password protect directories and password protect the folder to require a username and password for accessing it. This can be set in cPanel > Password Protect Directories for the account you setup for the script.
     
Loading...

Share This Page