The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing /usr/local/apache/proxy

Discussion in 'EasyApache' started by sh4ka, Oct 18, 2005.

  1. sh4ka

    sh4ka Well-Known Member

    Joined:
    May 12, 2005
    Messages:
    442
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    I saw this on this post: http://forums.cpanel.net/showthread.php?t=39020&highlight=hardening

    I mean, changing /usr/local/apache/proxy owner from nobody.nobody (as you can see below) to root.root.
    drwxr-xr-x 2 nobody nobody 4.0K Sep 4 00:00 proxy/

    Isn't that dangerous ? Have anyone tried, will this stop bad guys from that directory ?
    I know about mod security, phpsuexec, etc, etc.., I'm just going right to the point, is this good to prevent something ?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I'd suggest that you simply delete the proxy subdir, it's not needed and is a security risk.
     
  3. sh4ka

    sh4ka Well-Known Member

    Joined:
    May 12, 2005
    Messages:
    442
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    Thanks Chirpy, I'll try it..
     
Loading...

Share This Page