[CentOS] Permissions for LAMP

2014-01-25 Thread Joseph Hesse
I am running a LAMP server on a CentOS 6.5 box. It works fine; I am concerned that I may have the wrong file/dir permissions. The directories /var and /var/www are root:root and 755. For /var/www/html and all directories underneath I have apache:apache and 770. For all files under

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread Steven Tardy
On Sat, Jan 25, 2014 at 7:33 AM, Joseph Hesse joehe...@gmail.com wrote: I am running a LAMP server on a CentOS 6.5 box. It works fine; I am concerned that I may have the wrong file/dir permissions. The directories /var and /var/www are root:root and 755. For /var/www/html and all

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread Joseph Hesse
On 01/25/2014 07:32 AM, Steven Tardy wrote: On Sat, Jan 25, 2014 at 7:33 AM, Joseph Hesse joehe...@gmail.com wrote: I am running a LAMP server on a CentOS 6.5 box. It works fine; I am concerned that I may have the wrong file/dir permissions. The directories /var and /var/www are root:root

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread Always Learning
On Sat, 2014-01-25 at 08:32 -0500, Steven Tardy wrote: The problem with your /var/www/html permissions is that the user/group apache can write to directories and files, which can be used by anyone on the internet (bad guys) to use potentially exploitable dynamic pages (.php/.cgi/etc.) to add/modify

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread John R Pierce
On 1/25/2014 6:12 AM, Joseph Hesse wrote: For my understanding, please tell me what a bad guy would have to do to exploit apache having read/write permission. A) exploit a bug in PHP or Apache, perhaps known but not yet patched, or totally unknown B) corrupt a database via a SQL Injection

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread John R Pierce
On 1/25/2014 6:20 AM, Always Learning wrote: On my setup I have all web pages in a special root directory /data/web/do/domain-name/sub-domain-name/files. With a non-standard user having rw-r-r, Apache can't write to anything except /data/web/logs/. I have self-created web site

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread Always Learning
On Sat, 2014-01-25 at 10:00 -0800, John R Pierce wrote: re: your intrusion detection system, mod_evasive is a useful tool for creating such. Mine works like this: 1. All errors 301, 302, 400, 401, 403, 500 etc. are sent to a standard PHP file: ErrorDocument 401 /error.php?code=401

Re: [CentOS] Permissions for LAMP

2014-01-25 Thread Always Learning
On Sat, 2014-01-25 at 21:44 +0100, Reindl Harald wrote: On 25.01.2014 21:40, Always Learning wrote: if($ban) { $ipx = $ip1; exec("sudo -u root -t pts/1 /sbin/iptables -A 1banned".$mm." -j DROP -s ".$ipx); } if your webserver is allowed to call exec() at all from