The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

php_error_log default permission with php cgi

Discussion in 'Security' started by bluepine, Oct 29, 2009.

  1. bluepine

    bluepine Active Member

    Joined:
    Dec 17, 2001
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    Hello,
    I noticed today that on my servers the php_error_log each user has in his document root is readable by everybody. Now I fixed it manually by setting every file to 600 but still it would be better if the file itself was created by default with those permission.

    Stefano
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    While the error_log files may have read permission, by default they should not be accessible through the web sites they are located within. Public access is restricted by default through specific entries in the Apache configuration (httpd.conf) file; these should be included already and no additional steps may be necessary.

    For reference, here are the two specific entries I am referring to:
    Code:
    <Files ~ "^error_log$">
        Order allow,deny
        Deny from all
        Satisfy All
    </Files>
    
    <FilesMatch "^\.ht">
        Order allow,deny
        Deny from all
    </FilesMatch>
     
Loading...

Share This Page