I am chiming in here to set a few admin basics that govern web hosting
access.
The OnRev server is running Linux operating system.
Permissions for file and folder access are set by Linux.
Linux has been setup to allow Apache to be designated as an owner of a
file or folder.
When you use command line for 'chown' or 'chmod' commands, you are
talking to Linux and setting permissions.
If Apache is an owner of a folder (eg. publicHtml/) it has access to
that folder according to the Linux permission level (0-7).
Apache can read and write files in a folder if it is the owner and the
file access level is 6.
Apache can execute a script if the access level of the script file is 7.
Browsers talk to Apache and request various kind of information.
Before Apache takes action, it looks in the folder to see if there is
an htaccess file.
If so, it reads it as a text file and follows the rules that have been
put there by the web site admin.
Linux does not know anything about htaccess rules.
Apache always follows htaccess rules, if present.
Access rules are very powerful and complex.
One rule could be that any request for a file (eg. userInfo.txt) is
honored by Apache by returning a different file (eg.
notPermittedMsg.txt). Skilled web admins will use many htaccess files
to keep users out of folders or from executing files. Do a Google for
'htaccess' to see some tutorials on this.
Now getting to the FTP access (not the Linux computer operating system
or the Apache program).
This is governed by cPanel settings.
You can setup several FTP user accounts and allow uploading/
downloading. Each account has a specified 'home' folder and typically
cannot access any other folders outside that path. This allows web
designers access to specific folders, and not all.
Not all hosting systems are the same, and much depends on what the
hosting company wants to allow.
First: Claudi may be using an FTP account login:password that is set
to "testing/", but not likely.
Looking closely at the
"FTP error file "/testing/..//lib/cc_PageStats.irev" not present.
shows two "//" in the path, which will give an error.
The word "testing" comes from the parent folder the 'page' requesting
the include file.
I am not sure why the double slash occurs without more info.
Secondly: Alex said about access to all the folders on a hosting
site...
"I didn't think you can do this - but you can. And that's kind of
scary. It means that a script error (or deliberate misuse) in any of
your add-on domains can see and alter all files, including those in
other add-on domains. I'm not sure this is a "feature", it feels more
like a "bug" (or at least, a "problem").
Access to all the subdomain folders can be regulated, primarily using
*group* permissions, and also by using htaccess files in each folder.
Often there are libraries and databases that are used by several
subdomains. For years the use of PHP globals was convenient, but
allowed anyone to easily attack a server. No one uses these globals
anymore.
As I learn more about OnRev in the coming months, I will show examples
of protecting a scripts, subdomains, and hazardous scripts.
I have a couple utility scripts to deal with moving files into deeper
folder levels and not having to rewrite the include paths. Basically,
you call a script that builds the path for you.
The gurus of web hosting should be able to add specifics and
corrections, but this is a start.
Hope this helps
More to come.
Jim Ault
Las Vegas
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
