The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mod_userdir Protection - exclude no longer work

Discussion in 'General Discussion' started by demomen, May 16, 2006.

  1. demomen

    demomen Well-Known Member

    Joined:
    Sep 25, 2004
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    I have quite a problem with people stealing bandwidth so I checked up on this and if you enable it (Enable mod_userdir Protection) and try and exclude users who can use tilde(~) it will not work. I cannot unselect (nobody) - If I did unselect nobody I have found that the users will use the servers hostname to steal bandwidth so this has to remain enabled but the exclude needs to function

    WHM 10.8.0 cPanel 10.8.2-R83
     
  2. 24x7team

    24x7team Well-Known Member

    Joined:
    Jan 16, 2006
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    really tough to find
    Is the user "nobody' listed in the exclude list
     
  3. demomen

    demomen Well-Known Member

    Joined:
    Sep 25, 2004
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Yes but you cannot disable it from WHM, can I do so from a file?
     
  4. Metro2

    Metro2 Well-Known Member

    Joined:
    May 24, 2006
    Messages:
    376
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I'm having the same issue - even though "nobody" is excluded and the account in question is also excluded, we still cannot access http://xxx.xxx.xxx.xxx/~user/

    I have a new customer who has not updated nameservers and is moving to my service, and needs to be able to see their pages as they're uploaded before making the switch.

    Can anyone please provide some advice? Thanks very much in advance.
     
  5. McPhee

    McPhee Registered

    Joined:
    Dec 5, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    I was having the same problem with all accounts on a specific server. I had disabled mod_userdir for all users except 'nobody' and access to http://servername/~user was returing with:
    Forbidden
    You don't have permission to access /~user/index.php on this server.

    All of the permissions were setup correctly, so wasn't sure where else to look.

    Next step:
    I added the following to an .htaccess file within the user's document root:
    Options FollowSymLinks -Indexes +ExecCGI
    Tada! It was functional. (For this account)

    Logically, I'm assuming this could be remedied server-wide through the /usr/local/apache/conf/httpd.conf file.

    <IfModule mod_userdir.c>
    UserDir public_html
    </IfModule>

    ###Control access to UserDir directories
    <Directory /home/*/public_html>
    <several directives>
    </Directory>


    Using the .htaccess file was my prefered method, as most users do not require this type of access.

    Hope this helps someone.:cool:
     
Loading...

Share This Page