The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

script find wp-config and change the permission, good or useless??

Discussion in 'Security' started by system1351, Jan 9, 2013.

  1. system1351

    system1351 Member

    Joined:
    May 17, 2010
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    World Wide Web
    cPanel Access Level:
    Root Administrator
    Hi,

    all know the WP and Joomla has hacked every day

    i make a script who find and change a permission of wp-config.php from 777 to 600 or 644 to prevent hacked BUT...

    but when i put 777 to wp-config.php and i try to access with the URL, for example http://domain.com/wp-config.php (file with 777) i can't view and do anything with that file


    MY ASK IS:
    if that case i can't do anything with that file, WHY is a security risk have that file wp-config.php with 777 ??


    :)

    thanks
     
  2. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    The reason you couldn't do anything with it is that it was mode 600 or mode 777. Mode 600 protects against the hack, mode 777 is stopped by the system as it is also insecure.

    When you access a PHP file via the normal means, as you did, it checks the file permissions and if it is mode 777 suphp will prevent it running and give you an error.

    Normally this file is never accessed directly. The issue you are protecting yourself from with this change works another way and you would not be able to simulate it or test it directly. (If you want to test it, you could try renaming your file to fred.txt and visit it in the browser. If protected it should fail)
     
  3. HSN-Saman

    HSN-Saman Member

    Joined:
    Jan 11, 2013
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Actually it depends on the php handler on the server , normally 777 means world-wide readable / writable and anothers may read that file in DSO mode easily . the same for other PHP handlers so it would be better to keep it on 600 or even 644 is fine when the server is hardened . if you are on SuPHP and had set open_basedir to "/home/$usr/:/tmp:/others" there is no worries and files are being protected ... open_basedir is not the only way so you need to do other security tweaks such as symlink protection too.

    P.S : to set open_basedir value to /home/$usr/ you need custom templates and custom script as $usr is variable to cpanel user :)
     
  4. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Sorry, just realized I missed answering your main question!

    When a file is 777 there are two core issues:
    • anyone on the server could read the file
    • anyone on the server could CHANGE the file
    If the file is mode 777, suphp can detect the file is writable (777) and prevent it running as a security problem.

    Your problem here is not the mode 777 as such, it's the mode 644 that allows the file contents to be read, and if it's a wp-config.php file, the username/password get stolen.

    Also, somehow, you've incorrectly picked up that the discussion on the internets at the moment is saying mode 777 is bad. It is actually saying mode 644 is bad. (Mode 777 is bad, but everyone knows that)

    If you set the file to 600 that stops other users on the server (or other users who have been exploited somehow) from stealing passwords.

    I've written a bit more on this at: Apache symlink security issue fix/patch - whmscripts
     
  5. nibb

    nibb Well-Known Member

    Joined:
    Mar 22, 2008
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    What symlink protection exactly? There is no symlink protection available at all. Nothing stops someone from reading files in the server, and with such database credentials or files that store some kind of logins, this includes basically any web app using MySQL
     
Loading...

Share This Page