IIS Permissions
Mar 27, 2008
how permissions work in IIS in basic english
I spent ages trying to get a crm system working on my server and it only worked without errors when I changed the anonymous user privileges to "change" instead of "read".
Now this is meant to be insecure right? But my question is.... what exactly can go wrong with this configuration? In what ways is it insecure?
Also... correct me if I'm wrong but do:
- Web server permissions: only affect what scripts can run locally etc... and
- User / file level permissions: Protect against anonomous access changes from the net?
View 3 Replies
ADVERTISEMENT
Jun 3, 2009
I'm trying to get FTP working on a FreeBSD 7.1 box running ProFTPd.
The service runs but the issue is that the users cannot write to their home dirs. The server returns a 550 error.
Previously ProFTPd ran as user and group of "www" but I changed it to "nobody", which did not change anything.
I'm sure the issue is that of the home dirs for the users being owned by the users themselves and the service account not having access to write in that directory.
I'm not sure what is best to do here. Do I lift permissions so everyone can write to the home dirs? or is there a better way?
View 6 Replies
View Related
Jun 2, 2009
Let me start off with saying: I haven't had any suspicious activity, nor do I think I was compromised.
I logged in as root, and was simply clicking around my dedicated server and came across a few folders with permissions at 777. ALL are above /public_html
Irregardless, is this safe? I recall reading a bunch of topics on here, that /tmp needs to be hardened. Isn't this also above /public_html?
For one example:
/var/tmp is chmod to 077
..inside is a bunch of sess_ files
Is this folder open to hacking?
View 14 Replies
View Related
May 5, 2009
just buy a vps, all fine, but can not move or delete file by ftp after file uploaded by ftp and unzip by ssh. support say i need to use chown to change user to ftp user. but there is not ftp user on ssh when chown /dirctory ftpuser
View 4 Replies
View Related
Jan 19, 2007
when I setup a server I don't really care about permissions, I do lot of nasty chmod 777 * and stuff to easily get away with permission issues, since I'm the only one with access anyway.
But for a server that may be used for webhosting, how do I go about setting permissions in home directories so that programs like apache/php can still read/write to the user's web data? I'm guessing I need to add the user apache to each user's group and chmod 770 but I'm not too sure how to go about that, or if that's even how I should do it.
View 0 Replies
View Related
Jul 4, 2007
I have installed openvpn on the machine but i am having issues. I had to create /dev/net/tun manually and get permission errors on the device. I installed the openvpn rpm from [url].
on service startup i get the following log
Jul 4 22:03:09 gizmo openvpn[9517]: Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Jul 4 22:03:09 gizmo openvpn[9517]: Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Jul 4 22:03:09 gizmo openvpn[9517]: Cannot allocate TUN/TAP dev dynamically
Jul 4 22:03:09 gizmo openvpn[9517]: Exiting
i installed from an rpm package on my cent0s 4 virtual machine, i followed the tutorial here, but to summarise after installing:
yum install openvpn -y
#Now check that it works
service openvpn start
#service fails - reason permission error on /dev/net/tun
running ifconfig i do not get a TUN/TAP device listed, im guessing as i haave never used vps before but i presume if all was working well i would get an additional interface listed alongside vnet0?
i have asked my vps provider to check i have TUN access, however in the meantime i would like to check there is nothing fishy with my setup?
View 1 Replies
View Related
Jul 24, 2007
Running LAMP, CentOS and webmin.
I've created a user and group for FTPing to a new domain. Problem is that when using Filezilla I get 'critical transfer error' after uploading files.
I have no problem with doing uploads as root, so this would appear to be permission problems.
So my question is, what do I need to do with the ftp user / or group in order to give appropriate permissions to place files under the public_html directory? Either through SSH or via Webmin...
View 2 Replies
View Related
May 29, 2007
I have some folders and files which simply won't let me upload, rewrite, rename, change permissions etc. Any action I try to perform on them simply gives me an error such as
550 Could not change perms on /public_html/foldername: Operation not permitted
The current permissions seem fine (755) and cpanel's file manager isn't having any luck either.
It's for a zen-cart site
Machine is running Cent OS with the following;
cPanel Version 11.2.17-CURRENT
cPanel Build 12566
Theme x3
Apache version 1.3.37 (Unix)
PHP version 4.4.6
MySQL version 4.1.22-standard
Architecture i686
Operating system Linux
View 11 Replies
View Related
Nov 17, 2007
while am installing some software wordpress plugins [ podpress ]
i have some problem in /tmp permission to the site owner!
how can we handle this problem so i can have a permission in my tmp folder
i try to chmod the tmp to 777 from the SSH root ... but the problem didn't solve ...
View 14 Replies
View Related
Jun 7, 2007
Yesterday I upgrade to cPanel 11... I can perfectly login using WHM, but one of our customers can login using root, this is the error:
Access Denied
The server was configured to not permit you access to the specified resource. If you believe this is in error or inadvertent, please contact the system administrator and ask them to update the host access files.
Where should I specify WHM login permissions?
Thanks.
View 4 Replies
View Related
May 19, 2009
I need to run my PHP application locally on my XP Pro machine with IIS. Part of my application requires creating files, how do I set write permissions on folders like you can with windows server?
Is this possible with XP pro
View 3 Replies
View Related
Aug 27, 2009
I am in the process of setting up my server and have come to the stage where I am uploading my actual website scripts and files. I am a little confused however as to what permissions and file/directory ownership my website files should be set to.
My web root is set to 755 (rwx/r-x/r-x) with Owner as root, and Group as root. All files within the web root are set to 744 (rwx/r--/r--) with the owner and group the same as the web root. The permissions set allow php scripts to function but I am not sure if the group should be set to root on all these files, is this correct?
My site users have no ftp access if that makes any difference to ownership.
View 4 Replies
View Related
Mar 18, 2008
In trying to setup a cronjob on a new server I notice that cPanel tells me that usr/bin/crontab permissions are wrong and that they need to be changed to 4755.
When I log in to the server with WinSCP and attempt to change the permissions it just doesn't do it ... it looks like it's doing it, no errors, but it just leaves it the same!
View 4 Replies
View Related
Mar 10, 2008
I tried installing webdav on my VPS, but I'm having problems. I added the module as a DSO. I'm able to connect to it fine (in multiple client (dreamweaver, cadaver)), however, when I try to upload, I'm not able to. Apache has permissions for that directory and for the lock file. However, I get a 403 Permission Denied error.
View 1 Replies
View Related
Feb 6, 2007
I'm using wsftp checking permissions in domain.net in this directory:
/public_html/mambots/content/plugin_jw_sig
through wsftp i saw chmod 755 but when i try to delete this directory appears with 550 and i can't delete it
So i used File Manager tool in Cpanel, selected directory to erase it, seems like was done, but when i refresh page the directory it's still there, so i try to change permissions because apparently it has 755 but i can't do anything with it, so when i click button to change permission i got an error message [a fatal error or timeout occurred while processing this directive]
Then i go trough wsftp to check again and this directory it's still there
View 4 Replies
View Related
Jul 12, 2007
I've created a new site on an IIS server. And when I try to access it, I get a window authentication window.
Seems I've had this happen before and it was a problem with IUSR permissions or password?
View 1 Replies
View Related
May 24, 2007
This is what you get when you go to this one site on the server in your browser:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
This is a site in a reseller's account. The reseller had suspended it for non-payment. The account owner paid their fees, and the reseller unsuspended it. But now the site can't be reached.
I chowned and chmodded the account, but that didn't fix it.
View 3 Replies
View Related
Nov 11, 2007
I was on a server (reseller account) that ran PHPSuexec and default permissions were 755/644 as they should be.
We moved to a new cPanel 11 server and default permissions are 775/664. This is the same on 4 different servers from 4 different hosting companies (all reseller accounts). Three are CentOS, one RedHat Enterprise.
I entered a support ticket for one company and they said the permissions were not right and supposedly fixed it (I have left that company since then so I can't check).
The other hosting companies say their umasks are right and would not change it.
Apparently the apache installation defaults to these permissions which, security wise, seems kinda strange.
Can anyone shed some light on whether or not this is secure and does this mean I'm going to have change permissions evertime I upload files to install shopping carts, billing software etc.? (It's not hard it's just stupid to have to).
Should my hosts change apache system umask (022) to make permissions default to 755/644?
View 2 Replies
View Related
Dec 21, 2007
I'm migrating between two IIS servers using the migration tool.
Is there a way to copy of user permissions? Or at least see all the permissions from the original server?
View 7 Replies
View Related
Jan 16, 2007
I just ran into a very odd problem with my server. I was checking out my banner links on other sites when I realized none of them were displaying. I quickly checked the folder I keep the image in and I got a forbidden access warning. I checked the folder from ftp and it said the permissions were set to 0, instead of 755 like they should be
I can't move, delete, view, or alter the folder in any way.
View 1 Replies
View Related
Dec 29, 2007
my question is relating to a "DJ Panel" that I am making. I am looking into various file permissions and was wondering if all PHP files that are part of the DJ Panel have file permissions of 0666 will that pose any kind of security threat (make life easier for hackers) or do you see any downside to doing this?
View 3 Replies
View Related
Jun 26, 2007
I uploaded a joomla template and now need to edit the css file. But it says it is unwritable. Earlier, I had a problem editing an image. My host said, "Since these files were created the webserver, you didnt have ownership to change these files."
So perhaps the same happened with the css file? What do you think?
View 3 Replies
View Related
Apr 8, 2009
Is there any tool available which can be used to check permissions of the folders and files. For example, if we run the tool on the server it gives the list of files or folders which have write/modify permissions for everyone or other anonymous users in Windows.
View 0 Replies
View Related
Jun 10, 2009
Not sure if this is an Apache issue but I'm guessing it is. I also have cPanel on this server.
I made a PHP script and placed it on my server. This script has a function that will create a new file on the server, say a .txt file with information in it. When I go to do anything with that file that is created such as edit it, I get a permission denied from the server.
For example, FTP returns:
"Response: 550 Rename/move failure: Permission denied. "
Someone guessed that it is possible that when the PHP file is creating a new file on the server, it automatically places its permissions under root/apache, making it inaccessible for the cPanel user... if this were the case how could I potentially solve this issue?
View 5 Replies
View Related
Jul 22, 2009
How to secure /tmp folder on cpanel server with Centos?
what is permissions?
View 11 Replies
View Related
May 24, 2009
I have set up a ftp server for my clients to upload files.
I have setup 2 users, client and administrator.
When a client logs he uploads his files to a folder called upload_files.
But he cannot view files in that folder.
If I log in as administrator I can see all the files and folders.
But I can only delete files uploaded to the upload_files folder.
If the client uploads a folder with files into it, then I cannot delete it since the folder owner is client.
Ex:
/upload_files/image.jpg Can Delete
/upload_files/new_folder/image.jpg Can't Delete
View 6 Replies
View Related
Jul 1, 2009
I when change permissions public_html folder, from 777 to 755.
Don't allow and back to 777.
View 5 Replies
View Related
Nov 2, 2009
I own a dedicated server and have installed plesk on it. With the domain, plesk creates an FTP account to use for that domain. When you use that user/pass it only allows access to the
Code:
/var/www/vhosts/mydomain/
directory, which is fine.
Now the problem is that the account has very limited permissions. It didn't let me write to any of the folders unless I chmodded them to '777', and now doesn't let me overwrite any files unless I login as root and chmod the individual files to '777'. How can I set this accounts permissions to allow full writing, and reading for everything it has access to? I don't want everything to have full permissions for obvious reasons.
View 3 Replies
View Related
May 15, 2009
I'm transferring websites from Linux to Windows.
My scrips are writing uploaded photos to the server's hard disk drive. In Linux, I've set up right permissions to the folder: allow write files, php user as the owner of the folder.
After I've transferred everything to Windows Server 2008 server, I've removed "read only" atribute from folders and files, but PHP scripts still can't write new files or change old files.
I wonder what should I do to fix it? Set PHP user as the owner (as in Linux)? If yes, how can I do it?
View 23 Replies
View Related
Mar 12, 2008
I have an issue I've never seen before, and hope someone here can shed some light on this odd problem.
Just brought a new server online running Apache 2.2.3. The DocumentRoot was originally set to /var/www/html but I changed it to /home/[sitename]/public_html. I've done hundreds of Apache configs before and this one is no different.
Anyhow, here's the issue:
In SSH (logged in as root), if I create a file (let's just say I do a vi index2.php, enter "test" and save), when I try to go to pull the file in my browser, I get a 403 permission denied error. However, if I create the file in /var/www/html then move it to /home/[sitename]/public_html, the file comes up fine in a browser. Same goes for JPEG images. If I wget a JPG from another site directly into /home/[sitename]/public_html, get a 403 permission denied. If I wget it into /var/www/html then move it, it loads just fine.
It's important to note that the file permissions, owner, and the actual file itself are all identical. Both directories are chowned and chmodded identically.
View 1 Replies
View Related
Aug 17, 2008
I'm on a shared FreeBSD server, running Apache with Drupal, and vBulletin.
I had to create a local php.ini file in my public_html folder for Drupal, and another in my forum folder for vBulletin. Now my question is, what should I set the permissions of these files to? Also, what should I set .htaccess permissions to as well?
I'd like to keep them invisible to the public. But, I don't want any problems with Drupal, or vBulletin ether.
I'm used to using Linux and I know how permissions work on a desktop. I just don't know what they do when used on a server. I'm guessing 640, but I'd like to make sure before I change anything.
View 3 Replies
View Related