Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Securing system folders?

Discussion in 'Security' started by Eli L, Aug 27, 2010.

  1. Eli L

    Eli L Well-Known Member

    Joined:
    Aug 9, 2007
    Messages:
    61
    Likes Received:
    1
    Trophy Points:
    58
    Location:
    Bellingham, Washington, United States
    cPanel Access Level:
    Root Administrator
    What should the permissions of system folders and files be (etc, usr, var....)? If I use a php shell I can change dirs into the root of my server and browse system folders and files that were created with insecure permissions.

    Seems like a big security risk. How do I prevent this and what permissions should the folders and files be?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Eli L, Aug 27, 2010
  2. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    320
    Likes Received:
    3
    Trophy Points:
    68
    There are plenty of ways on doing this. I learnt though google when I first started of but I will explain below on some changes you may want to think about.

    The below cmd will secure your TMP folder, And such
    Make sure you also use “nosuid” and “noexec” in the /etc/ftsab

    Generally though, If you set the folders to an example 777 cPanel will warn you about this and 99% ask you to change then to 1777
     
    #2 GaryT, Aug 30, 2010
  3. rackaid

    rackaid Active Member

    Joined:
    Jan 18, 2003
    Messages:
    42
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    Jacksonville, FL
    cPanel Access Level:
    DataCenter Provider
    A php shell script can browse any directories that the apache or the php script user user has permissions to access.

    To limit php access, consider tools like suPHP, safe mode and open base dir. In terms of limiting system files, there are only some many changes you can make and have your server work.

    Generally, you are better off spending your efforts keeping your web scripts updated than trying to harden paths on your server.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 rackaid, Aug 30, 2010
(You must log in or sign up to post here.)
Loading...
Similar Threads - Securing system folders
  1. tdot

    Securing Server

    tdot, Nov 2, 2017, in forum: Security
    Replies:
    1
    Views:
    311
    cPanelMichael
    Nov 2, 2017
  2. lukapaunovic

    Securing server without CloudLinux question

    lukapaunovic, Aug 19, 2017, in forum: Security
    Replies:
    6
    Views:
    690
    cPanelMichael
    Aug 22, 2017
  3. jazee

    Securing WHM (and SSH)

    jazee, Jul 2, 2017, in forum: Security
    Replies:
    2
    Views:
    1,464
    cPanelMichael
    Jul 3, 2017
  4. Spork Schivago

    Help securing rpcbind

    Spork Schivago, Jun 14, 2017, in forum: Security
    Replies:
    4
    Views:
    1,498
    Spork Schivago
    Jun 14, 2017
  5. Travis Owens

    Securing Ports 2082 and 2086 (SSL)

    Travis Owens, Mar 30, 2017, in forum: Data Protection
    Replies:
    1
    Views:
    869
    cPanelMichael
    Mar 30, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice