That will then break other .htaccess directives needed for application to work correctly. I find that Rack911's Apache patch has been the most effective so far to prevent cross account symlinks.If you're having problems with hackers using CGI shell / sym links still add this to your pre_main_2.conf
Allow from all
I believe what he meant was that by setting "AllowOverride None" you are essentially disabling all .htaccess functions, including things like redirects.Nobody has any thoughts about my "patch", can anyone confirm what Jeff Shotnik said? I'm not 100% sure what he meant by it.
Are you sure? We've recompiled Apache with Race Condition Patch and now when we try to follow a symlink to another user PHP file we get this error in Apache error_log:The cpanel race condition patch did nothing.
|Thread starter||Similar threads||Forum||Replies||Date|
|K||Security Policy Handling Failed||Security||4|
|Solutions for handling ddos attacks?||Security||3|
|P||Security Handling [improving the error message is CPANEL-5713]||Security||2|
|H||Not find any solutions after my port 2086/2087 Blocked :'(||Security||1|
|O||What anti-virus solutions?||Security||93|