Maki187

Registered
Mar 24, 2014
3
0
1
cPanel Access Level
Root Administrator
Hi,

Sorry for my bad english.
I was protecting my new Web Server from shell scripts (by disabling custom php.ini files, setting open_basedir to acess only to /home and /tmp, and finaly mounting new /tmp), and all that protection works fine, but now i Have some problem with Image Uploading scripts, when upload finished, they show HTTP Error (500). Weird is that /tmp folder is writable (777), but script still cant upload image. I have even check via php is /tmp writble, and it looks ok (Your temporary upload directory /tmp is writable).

Can someone help me with this ?

I use CentOS 6 x64 bit
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
What PHP handler are you using? DSO, SuPHP or CGI?

Any 500 error should have information in the Apache error log. Reference that file to see what is causing the 500. /usr/local/apache/logs/error_log
 

Maki187

Registered
Mar 24, 2014
3
0
1
cPanel Access Level
Root Administrator
I use SuPHP.
I have just look in that log, and there is no new error, only some old.
And what is weird is that Image Uploading script just started working normal, and cgi shell script again work, and I didnt do anything. Only way I know I can stop shell script to work, is to chmod /tmp to 750, but then a lot other things is not working.

Thanks.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
/tmp has to be 1777 for the server to function. The 1 is not a typo. If you have changed it, try chmod 1777 /tmp

If the server is returining a 500 status code, something has to go into error_log. For all we know it could be modsecurity blocking an upload. You should be able to run "tail -f /usr/local/apache/logs/error_log" in a terminal while visiting the site and see the errors as you trigger them.
 
Thread starter Similar threads Forum Replies Date
leonep Security 1
postcd Security 2
jimlongo Security 5
NixTree Security 9
S Security 1