The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

securing an uploads directory, any tips?

Discussion in 'General Discussion' started by verdon, Jul 29, 2004.

  1. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    836
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    Hi :)

    Some background... I had to set up an easy means for clients to send us files on an occasional basis that are too large to e-mail. Nothing too extreme, 10-50MB or so. It also needed to assume that the bulk of these people won't have ftp clients and/or the inclination to use one (ya, I know...) Anywise, there's lots of ways to do this but the one I've settled on is to just use limited ftp access and users, and provide a web-based ftp interface for those that don't know what ftp is. I set up a sub-domain 'uploads.mydomain.com' and created a '/files/clientname/' dir structure. I found a perl app that I like to provide the web interface. It uses Net::FTP module and runs as compiled c app. I am pretty confident in this and everything seems to be working the way it is supposed to.

    I'd like to further protect the top-level home dir I have for these ftp users (/home/mydomain/public_html/uploads/files/ -R) in order to prevent anything from executing from these dirs. Is my best approach to set the mod on the dir somehow, or to handle all restrictions in apache.conf for the sub-domain, or both I'm guessing. Is it possible to allow a dir to be listed, yet prevent anything from executing in it? I'm thinking that after that, I would still have to disallow php from executing in this sub-domain with some form of directive?

    I'd appreciate any thoughts from people with more *nix knowledge than me. Ultimately, I'm not too worried that my particular users are going to be malicious, but I'd like to be fairly comfortable that an executable and/or script put there via ftp couldn't be executed or run.

    Thanks,
    verdon

    WHM 9.4.0 cPanel 9.4.1-S65**
    RedHat 8.0 - WHM X v3.1.0*
     
Loading...

Share This Page