The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing system folders?

Discussion in 'Security' started by Eli L, Aug 27, 2010.

  1. Eli L

    Eli L Well-Known Member

    Joined:
    Aug 9, 2007
    Messages:
    61
    Likes Received:
    1
    Trophy Points:
    58
    Location:
    Bellingham, Washington, United States
    cPanel Access Level:
    Root Administrator
    What should the permissions of system folders and files be (etc, usr, var....)? If I use a php shell I can change dirs into the root of my server and browse system folders and files that were created with insecure permissions.

    Seems like a big security risk. How do I prevent this and what permissions should the folders and files be?
     
    #1 Eli L, Aug 27, 2010
  2. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    321
    Likes Received:
    3
    Trophy Points:
    68
    There are plenty of ways on doing this. I learnt though google when I first started of but I will explain below on some changes you may want to think about.

    The below cmd will secure your TMP folder, And such
    Make sure you also use “nosuid” and “noexec” in the /etc/ftsab

    Generally though, If you set the folders to an example 777 cPanel will warn you about this and 99% ask you to change then to 1777
     
    #2 GaryT, Aug 30, 2010
  3. rackaid

    rackaid Active Member

    Joined:
    Jan 18, 2003
    Messages:
    42
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    Jacksonville, FL
    cPanel Access Level:
    DataCenter Provider
    A php shell script can browse any directories that the apache or the php script user user has permissions to access.

    To limit php access, consider tools like suPHP, safe mode and open base dir. In terms of limiting system files, there are only some many changes you can make and have your server work.

    Generally, you are better off spending your efforts keeping your web scripts updated than trying to harden paths on your server.
     
    #3 rackaid, Aug 30, 2010
(You must log in or sign up to post here.)
Loading...
Similar Threads - Securing system folders
  1. Spork Schivago

    Help securing rpcbind

    Spork Schivago, Jun 14, 2017, in forum: Security
    Replies:
    4
    Views:
    51
    Spork Schivago
    Jun 14, 2017
  2. Travis Owens

    Securing Ports 2082 and 2086 (SSL)

    Travis Owens, Mar 30, 2017, in forum: Data Protection
    Replies:
    1
    Views:
    200
    cPanelMichael
    Mar 30, 2017
  3. Jay C. Burton

    SOLVED Securing mail on Hosting Accounts

    Jay C. Burton, Dec 20, 2016, in forum: Security
    Replies:
    1
    Views:
    172
    cPanelChrisI
    Dec 20, 2016
  4. durangod

    Why are there no UI options for securing ssh - ftp - root using alternate usernames

    durangod, Sep 27, 2016, in forum: General Discussion
    Replies:
    4
    Views:
    323
    Infopro
    Oct 2, 2016
  5. hicom

    EA4 and securing PHP processes

    hicom, Sep 21, 2016, in forum: EasyApache
    Replies:
    2
    Views:
    426
    cPanelMichael
    Oct 5, 2016

Share This Page