The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing system folders?

Discussion in 'Security' started by Eli L, Aug 27, 2010.

  1. Eli L

    Eli L Well-Known Member

    Joined:
    Aug 9, 2007
    Messages:
    61
    Likes Received:
    1
    Trophy Points:
    58
    Location:
    Bellingham, Washington, United States
    cPanel Access Level:
    Root Administrator
    What should the permissions of system folders and files be (etc, usr, var....)? If I use a php shell I can change dirs into the root of my server and browse system folders and files that were created with insecure permissions.

    Seems like a big security risk. How do I prevent this and what permissions should the folders and files be?
     
    #1 Eli L, Aug 27, 2010
  2. GaryT

    GaryT Well-Known Member

    Joined:
    May 19, 2010
    Messages:
    321
    Likes Received:
    3
    Trophy Points:
    68
    There are plenty of ways on doing this. I learnt though google when I first started of but I will explain below on some changes you may want to think about.

    The below cmd will secure your TMP folder, And such
    Make sure you also use “nosuid” and “noexec” in the /etc/ftsab

    Generally though, If you set the folders to an example 777 cPanel will warn you about this and 99% ask you to change then to 1777
     
    #2 GaryT, Aug 30, 2010
  3. rackaid

    rackaid Active Member

    Joined:
    Jan 18, 2003
    Messages:
    42
    Likes Received:
    1
    Trophy Points:
    158
    Location:
    Jacksonville, FL
    cPanel Access Level:
    DataCenter Provider
    A php shell script can browse any directories that the apache or the php script user user has permissions to access.

    To limit php access, consider tools like suPHP, safe mode and open base dir. In terms of limiting system files, there are only some many changes you can make and have your server work.

    Generally, you are better off spending your efforts keeping your web scripts updated than trying to harden paths on your server.
     
    #3 rackaid, Aug 30, 2010
(You must log in or sign up to post here.)
Loading...
Similar Threads - Securing system folders
  1. lukapaunovic

    Securing server without CloudLinux question

    lukapaunovic, Aug 19, 2017 at 11:17 AM, in forum: Security
    Replies:
    6
    Views:
    90
    cPanelMichael
    Aug 22, 2017 at 8:32 AM
  2. jazee

    Securing WHM (and SSH)

    jazee, Jul 2, 2017, in forum: Security
    Replies:
    2
    Views:
    159
    cPanelMichael
    Jul 3, 2017
  3. Spork Schivago

    Help securing rpcbind

    Spork Schivago, Jun 14, 2017, in forum: Security
    Replies:
    4
    Views:
    190
    Spork Schivago
    Jun 14, 2017
  4. Travis Owens

    Securing Ports 2082 and 2086 (SSL)

    Travis Owens, Mar 30, 2017, in forum: Data Protection
    Replies:
    1
    Views:
    291
    cPanelMichael
    Mar 30, 2017
  5. Jay C. Burton

    SOLVED Securing mail on Hosting Accounts

    Jay C. Burton, Dec 20, 2016, in forum: Security
    Replies:
    1
    Views:
    233
    cPanelChrisI
    Dec 20, 2016

Share This Page