Is It Safe To Remove All Of /tmp
My /tmp on my cPanel hosting server is nearly full, and I was wondering if it is safe to remove all the contents in /tmp, if not, what can I delete to clear up the space?
View Complete Thread with Replies
Sponsored Links:
Related Forum Messages:
How Can Secure /tmp /var/tmp In OpenVZ VPS ?
recently I got a VPS from cheapvps.co.uk and so far so good. Im getting used to the VPS enviroment. I tried to follow several guides about how to secure with noexec and nosuid the /tmp and /var/tmp and it did not work. in http : / / www . webhostingtalk .com/showthread.php?t=474681&highlight=tmp points it must be done from the hosting. Same is said in http : // kb . swsoft . com/article_130_648_en.html. I asked the hosting to do it and they told me as I got an Unmanaged VPS they cant do it for me. Do anyone know how can be done ? I dont want to use tmpfs as it uses main memory.
View Replies!
View Related
Remove Empty Folders And Remove From A Db
ive got a site which auto creates subdomains and installs a script automaticly and inserts details into a mysql db. i have had some issues recent so have loads (talking 100s) of folders that are empty which i need to remove, and to remove the details of said folder from db also. any ideas how i can do this, using plesk control panel so removing the subdomain via plesk cli may be the best way in that respect but the db is external to plesk so that would not be edited
View Replies!
View Related
Safe Mode On Or Off
Should i switch safe mode on or off . Right now i am using it as on some one told me if i switch it off then server can easily hack but becoz i switch it on im having too much problem specially users of sites having problem of uploading and wordpress also have issue and some more script what you say what should i do?
View Replies!
View Related
Php Safe Mode
i need to enable php safe mode on for my joomla and i came across this Quote: When the php safe mode is turned off globally by default at our server end, you can still override the setting to turn it ON for only your domain by just insert the following line inside the ".htaccess" file (at Linux server): Code: php_value safe_mode "1" my joomla .htaccess file: Quote: ## # @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $ # @package Joomla # @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. # @license http://www.gnu.org/copyleft/gpl.html GNU/GPL # Joomla! is Free Software ## ##################################################### # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE # # The line just below this section: 'Options +FollowSymLinks' may cause problems # with some server configurations. It is required for use of mod_rewrite, but may already # be set by your server administrator in a way that dissallows changing it in # your .htaccess file. If using it causes your server to error out, comment it out (add # to # beginning of line), reload your site in your browser and test your sef url's. If they work, # it has been set by your server administrator and you do not need it set here. # ##################################################### ## Can be commented out if causes errors, see notes above. Options +FollowSymLinks # # mod_rewrite in use RewriteEngine On ########## Begin - Rewrite rules to block out some common exploits ## If you experience problems on your site block out the operations listed below ## This attempts to block the most common type of exploit `attempts` to Joomla! # # Block out any script trying to set a mosConfig value through the URL RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URL RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR] # Block out any script that includes a <script> tag in URL RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] # Block out any script trying to set a PHP GLOBALS variable via URL RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR] # Block out any script trying to modify a _REQUEST variable via URL RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2}) # Send all blocked request to homepage with 403 Forbidden error! RewriteRule ^(.*)$ index.php [F,L] # ########## End - Rewrite rules to block out some common exploits
View Replies!
View Related
Is It Safe To Enable Exec()
I am trying to install gallery 2.3 and it requires exec() to be enabled for some functions. Is it safe to enable it in php.ini? In php.ini file I see this, disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd I have CentOS running on my VPS.
View Replies!
View Related
Hacker Safe Host
As with many sites. my site was hacked recently. my host was so negative about this. they didn't notice the hack attempt although it took the hacker 9 hours to break through. after that I made some search on my host to find that it is not a real host at all. they are just resellers to another company. I was very disappointed, Then I decided to go to a better host who can protect me from hackers. I read some threads about 'hacker safe host' but they all in general don't give a real name of trusted 'anti-hackers' companies. can you guide me to some of the famous hosts? if you can't my friends got a VPS hosted with WestHost. he offered me to move my site to his VPS. is west host trusted about hackers?
View Replies!
View Related
Safe To Delete These Files
I am running my VPS on direct admin panel, my disk space is going low, so i am deleting few junk / log files Kindly let me know 1) is it safe to delete data of this directory - /var/log/httpd/domains The File names in above directory are such as - " domain.com.bytes " As it is occupying 600 MB space 2) where can i delete much junk / temp files, to free up space.
View Replies!
View Related
Safe Mode VPS
I have a script that needs safe mode off to run, the script writers have said safe mode is disabled as default and not required and even disabled in php 6 Now I'm not to fimular with Safe mode, all I know is most scripts are wrote to work with this on
View Replies!
View Related
AWBS Vb Safe Mode
To Install www.awbs.com scripts to my server How Can I Do This Following to one site on My server safe_mode Off allow_url_fopen On session.auto_start Off tell Me that i can do that from httpd config
View Replies!
View Related
PHP Safe Mode
I would like to know as to whether or not you have php safe mode turned on? If you do, please specify why, and would you allow your clients to turn it off?
View Replies!
View Related
Calpop Not Work Safe
I stumbled upon this through google images...click as you wish. They are clothed, just riskay. And in calpop! LOL! I wonder who that guy is? Yes, off topic I know. Maybe a repost. [url]
View Replies!
View Related
Safe Mode OFF And Open_basedir Set...
I am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all. It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...
View Replies!
View Related
Php Safe Mode OFF And Security
I have found on one webhost that they have very cool feature: Here is what they say: Quote: Browsing through any webhost related forum will reveal that giving safe mode off poses extreme security risk to the server. Because it offers hackers a great advantage to access any other members account or read their sensitive files which usually contain passwords. But then some genuine scripts won't work with safe mode ON. Meaning you could turn it on per member requests but that takes lots of labor. So we completely reprogrammed the safe mode PHP source code and recompiled it. As a result ours safe mode OFF is light-years safer & hacker-proof then standard PHP v5 safe mode ON. So all our members are getting safe mode OFF, with harder security then those hosts who offer Safe Mode ON. So now I am wondering, how they did that? I have searched forums and Google for lots of different keyword but haven't found anything. I believe a lot of you running Apache as nobody and having php save mode OFF. It there any way you protect yourself? phpsuexec is not a solution now as it increasing load.
View Replies!
View Related
How Can I Secure Server Without Safe Mode
i have vps and i enable the safe_mode , but now i need to turn it off becouse i need to install image uploader script and this script need safe mode off to work so, what can i do to secure my server while i turn off my safe mode? what can happend if i turn off safe mode? what is the job of safe mode?
View Replies!
View Related
Which Of This Files In /boot Is Safe To Be Deleted
After installing Kernels seems /boot is boing to be full soon. Which files can be safely deleted ? Mean lets say to keep the latest Kernel and previous version: root@[/boot]# ls -la total 70317 drwxr-xr-x 4 root root 3072 Dec 4 11:28 ./ drwxr-xr-x 22 root root 4096 Sep 29 10:41 ../ -rwxr--r-- 1 root root 6144 Nov 9 2006 aquota.user* -rw-r--r-- 1 root root 48736 Sep 28 2005 config-2.4.21-37.EL -rw-r--r-- 1 root root 48851 Sep 28 2005 config-2.4.21-37.ELsmp -rw-r--r-- 1 root root 48951 Oct 19 2006 config-2.4.21-47.0.1.EL -rw-r--r-- 1 root root 49066 Oct 19 2006 config-2.4.21-47.0.1.ELsmp -rw-r--r-- 1 root root 49066 Aug 1 2006 config-2.4.21-47.ELsmp -rw-r--r-- 1 root root 48951 Jun 11 18:29 config-2.4.21-50.EL -rw-r--r-- 1 root root 49066 Jun 11 18:21 config-2.4.21-50.ELsmp -rw-r--r-- 1 root root 48951 Aug 16 17:11 config-2.4.21-51.EL -rw-r--r-- 1 root root 49066 Aug 16 17:03 config-2.4.21-51.ELsmp -rw-r--r-- 1 root root 48951 Sep 27 18:38 config-2.4.21-52.EL -rw-r--r-- 1 root root 49066 Sep 27 18:30 config-2.4.21-52.ELsmp -rw-r--r-- 1 root root 48951 Dec 3 13:51 config-2.4.21-53.EL -rw-r--r-- 1 root root 49066 Dec 3 13:42 config-2.4.21-53.ELsmp drwxr-xr-x 2 root root 1024 Dec 4 11:28 grub/ -rw-r--r-- 1 root root 276201 May 5 2006 initrd-2.4.21-37.EL.img -rw-r--r-- 1 root root 283119 May 5 2006 initrd-2.4.21-37.ELsmp.img -rw-r--r-- 1 root root 282640 Apr 10 2007 initrd-2.4.21-47.0.1.EL.img -rw-r--r-- 1 root root 289544 Oct 21 2006 initrd-2.4.21-47.0.1.ELsmp.img -rw-r--r-- 1 root root 289539 Sep 23 2006 initrd-2.4.21-47.ELsmp.img -rw-r--r-- 1 root root 282779 Jun 26 22:04 initrd-2.4.21-50.EL.img -rw-r--r-- 1 root root 289656 Jun 26 22:03 initrd-2.4.21-50.ELsmp.img -rw-r--r-- 1 root root 282783 Aug 21 05:32 initrd-2.4.21-51.EL.img -rw-r--r-- 1 root root 289652 Aug 21 05:32 initrd-2.4.21-51.ELsmp.img -rw-r--r-- 1 root root 282781 Sep 28 08:22 initrd-2.4.21-52.EL.img -rw-r--r-- 1 root root 289649 Sep 28 08:23 initrd-2.4.21-52.ELsmp.img -rw-r--r-- 1 root root 282778 Dec 4 11:27 initrd-2.4.21-53.EL.img -rw-r--r-- 1 root root 289653 Dec 4 11:28 initrd-2.4.21-53.ELsmp.img -rw-r--r-- 1 root root 547 May 5 2006 kernel.h drwx------ 2 root root 12288 May 5 2006 lost+found/ -rw-r--r-- 1 root root 10213 Jan 4 2005 message -rw-r--r-- 1 root root 10213 Jan 4 2005 message.ja -rwxr--r-- 1 root root 32 Nov 9 2006 quota.user* lrwxrwxrwx 1 root root 26 Sep 29 09:37 System.map -> System.map-2.4.21-52.ELsmp -rw-r--r-- 1 root root 578588 Sep 28 2005 System.map-2.4.21-37.EL -rw-r--r-- 1 root root 606073 Sep 28 2005 System.map-2.4.21-37.ELsmp -rw-r--r-- 1 root root 580154 Oct 19 2006 System.map-2.4.21-47.0.1.EL -rw-r--r-- 1 root root 607622 Oct 19 2006 System.map-2.4.21-47.0.1.ELsmp -rw-r--r-- 1 root root 607622 Aug 1 2006 System.map-2.4.21-47.ELsmp -rw-r--r-- 1 root root 580321 Jun 11 18:29 System.map-2.4.21-50.EL -rw-r--r-- 1 root root 607789 Jun 11 18:21 System.map-2.4.21-50.ELsmp -rw-r--r-- 1 root root 580321 Aug 16 17:11 System.map-2.4.21-51.EL -rw-r--r-- 1 root root 607789 Aug 16 17:03 System.map-2.4.21-51.ELsmp -rw-r--r-- 1 root root 580321 Sep 27 18:38 System.map-2.4.21-52.EL -rw-r--r-- 1 root root 607789 Sep 27 18:30 System.map-2.4.21-52.ELsmp -rw-r--r-- 1 root root 580321 Dec 3 13:51 System.map-2.4.21-53.EL -rw-r--r-- 1 root root 607789 Dec 3 13:42 System.map-2.4.21-53.ELsmp -rwxr-xr-x 1 root root 2908624 Sep 28 2005 vmlinux-2.4.21-37.EL* -rwxr-xr-x 1 root root 3543696 Sep 28 2005 vmlinux-2.4.21-37.ELsmp* -rwxr-xr-x 1 root root 2912724 Oct 19 2006 vmlinux-2.4.21-47.0.1.EL* -rwxr-xr-x 1 root root 3551892 Oct 19 2006 vmlinux-2.4.21-47.0.1.ELsmp* -rwxr-xr-x 1 root root 3551888 Aug 1 2006 vmlinux-2.4.21-47.ELsmp* -rwxr-xr-x 1 root root 2912720 Jun 11 18:29 vmlinux-2.4.21-50.EL* -rwxr-xr-x 1 root root 3551888 Jun 11 18:21 vmlinux-2.4.21-50.ELsmp* -rwxr-xr-x 1 root root 2912720 Aug 16 17:11 vmlinux-2.4.21-51.EL* -rwxr-xr-x 1 root root 3551888 Aug 16 17:03 vmlinux-2.4.21-51.ELsmp* -rwxr-xr-x 1 root root 2912720 Sep 27 18:38 vmlinux-2.4.21-52.EL* -rwxr-xr-x 1 root root 3551888 Sep 27 18:30 vmlinux-2.4.21-52.ELsmp* -rwxr-xr-x 1 root root 2912720 Dec 3 13:51 vmlinux-2.4.21-53.EL* -rwxr-xr-x 1 root root 3551888 Dec 3 13:42 vmlinux-2.4.21-53.ELsmp* -rw-r--r-- 1 root root 1252609 Sep 28 2005 vmlinuz-2.4.21-37.EL -rw-r--r-- 1 root root 1363969 Sep 28 2005 vmlinuz-2.4.21-37.ELsmp -rw-r--r-- 1 root root 1260075 Oct 19 2006 vmlinuz-2.4.21-47.0.1.EL -rw-r--r-- 1 root root 1368141 Oct 19 2006 vmlinuz-2.4.21-47.0.1.ELsmp -rw-r--r-- 1 root root 1367751 Aug 1 2006 vmlinuz-2.4.21-47.ELsmp -rw-r--r-- 1 root root 1260875 Jun 11 18:29 vmlinuz-2.4.21-50.EL -rw-r--r-- 1 root root 1370368 Jun 11 18:21 vmlinuz-2.4.21-50.ELsmp -rw-r--r-- 1 root root 1260877 Aug 16 17:11 vmlinuz-2.4.21-51.EL -rw-r--r-- 1 root root 1370369 Aug 16 17:03 vmlinuz-2.4.21-51.ELsmp -rw-r--r-- 1 root root 1260879 Sep 27 18:38 vmlinuz-2.4.21-52.EL -rw-r--r-- 1 root root 1370369 Sep 27 18:30 vmlinuz-2.4.21-52.ELsmp -rw-r--r-- 1 root root 1260893 Dec 3 13:51 vmlinuz-2.4.21-53.EL -rw-r--r-- 1 root root 1370450 Dec 3 13:42 vmlinuz-2.4.21-53.ELsmp root@[/boot]# This is the /etc/grub.conf # grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You have a /boot partition. This means that # all kernel and initrd paths are relative to /boot/, eg. # root (hd0,0) # kernel /vmlinuz-version ro root=/dev/sda2 # initrd /initrd-version.img #boot=/dev/sda default=0 timeout=10 splashimage=(hd0,0)/grub/splash.xpm.gz title CentOS (2.4.21-53.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-53.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-53.ELsmp.img title CentOS (2.4.21-53.EL) root (hd0,0) kernel /vmlinuz-2.4.21-53.EL ro root=LABEL=/ initrd /initrd-2.4.21-53.EL.img title CentOS (2.4.21-52.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-52.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-52.ELsmp.img title CentOS (2.4.21-52.EL) root (hd0,0) kernel /vmlinuz-2.4.21-52.EL ro root=LABEL=/ initrd /initrd-2.4.21-52.EL.img title CentOS (2.4.21-51.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-51.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-51.ELsmp.img title CentOS (2.4.21-51.EL) root (hd0,0) kernel /vmlinuz-2.4.21-51.EL ro root=LABEL=/ initrd /initrd-2.4.21-51.EL.img title CentOS (2.4.21-50.EL) root (hd0,0) kernel /vmlinuz-2.4.21-50.EL ro root=LABEL=/ initrd /initrd-2.4.21-50.EL.img title CentOS (2.4.21-50.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-50.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-50.ELsmp.img title CentOS (2.4.21-47.0.1.EL) root (hd0,0) kernel /vmlinuz-2.4.21-47.0.1.EL ro root=LABEL=/ initrd /initrd-2.4.21-47.0.1.EL.img title CentOS (2.4.21-47.0.1.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-47.0.1.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-47.0.1.ELsmp.img title CentOS (2.4.21-47.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-47.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-47.ELsmp.img title CentOS-3 (2.4.21-37.ELsmp) root (hd0,0) kernel /vmlinuz-2.4.21-37.ELsmp ro root=LABEL=/ initrd /initrd-2.4.21-37.ELsmp.img title CentOS-3-up (2.4.21-37.EL) root (hd0,0) kernel /vmlinuz-2.4.21-37.EL ro root=LABEL=/ initrd /initrd-2.4.21-37.EL.img
View Replies!
View Related
Which Files In /var Are Safe To Delete
I have WHM 11.1.0 cPanel 11.2.1-C11635 FEDORA 4 i686 - WHM X v3.1.0 My /var partition is over 64% full. 2 directories in there show a lot of space being used. One of these is /var/lib/mysql du -h --max-depth=1 # shows user accounts on the server with their database names. Are these just logs, or are they the actual databases? (Probably dumb newbie question) The other big one is /var/log/munin Is there anything there I can delete?
View Replies!
View Related
No-ip + Port Forward To Virtual Machine - Is It Safe?
I've set up a website using a no ip-account, nothing fancy or business-oriented, and I have it working this way: no-ip(port 80 redirect to port 6500)->router(redirect port 6500 to pc2 with ip 192.168.1.3)->pc2(vmware server redirects port 6500 to virtual machine with ip 192.168.60.100, which is running an asp .net server serving on port 6500) The router does not forward any port other than that one, but I would like to know if this has any risk for the other machines on the lan.
View Replies!
View Related
What Is Safe Hosting: Dedicated, VPS Or Reseller
I had VPS from SolarVPS a year ago and I found that it requires full attention since it wasn't stable like dedicated server. So, I had to keep an eye on the server and websites where some technical problems happened. These problems like websites stopped working suddenly, email problems, Mysql permissions etc. I totally agree that SolarVPS has a fantastic support and very quick. They supported me all over the past period. But, a week ago one of my client’s website was used for phishing Paypal customers and it seems like a hacker used the mailing script for this website. Therefore, SolrVPS stopped my VPS immediately and I am still keep on contacting Abuse Department to clarify the situation and resolve the problem. However, all my clients are down now because they are affected by stopping my VPS. My question here, since I wasn't be able to administrate security or look after the websites at my VPS, what shall I do to have a rest of mind from these problems and concentrate on sales and light support? Shall I go for dedicated? VPS again? Reseller? However, I always need root access to my server for my technical purposes.
View Replies!
View Related
Safe To Enable SMP In FreeBSD 6.2 Kernel
Ok first thing I have a P4 3.0ghz server and i assumed it has HTT feature in it but correct me if Im wrong with this dmesg Code: Copyright (c) 1992-2007 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 6.2-RELEASE-p5 #0: Sun May 27 03:15:00 UTC 2007 root@:/usr/obj/usr/src/sys/SharkTECH6 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz (2999.68-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf41 Stepping = 1 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,C MOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> Features2=0x441d<SSE3,RSVD2,MON,DS_CPL,CNTX-ID,<b14>> Logical CPUs per core: 2 Anyways the kernel it is using now has SMP disabled. Now i heard and from google searches that enabling SMP when you have an HTT processor is bad since I heard that there some kind of exploit and vulnerability. But this was back in 2005 and im not sure if it's fixed yet. Is anyone using a P4 with HTT with SMP enabled in their kernel as a dedi server? Some people also said that it lowers performance. This server mainly runs on WHM, apache, mysql, mail, and php.
View Replies!
View Related
PHP Safe Mode Local Stays On, But Global Off
I've recently upgraded from Shared hosting to a VPS. I'm currently getting my new VPS setup before migrating my site over. On my shared server, both the global and local safe_mode directives were reported as off by php_infO(). On ym new server, the global is reported as off, but local is reported as on. On my old server, the PHP was version 4.4.9 running as a CGI. On my new server, PHP 5.1.6 is running as an Apache 2.0 Handler. I have already set safe_mode to off in my global php.ini file (hence why global is reported by off). However, I have no local php.ini files, htaccess files, or php directive settings in place, so I cannot figure out why local is set to on! I've tried editing httpd.conf to include "php_admin_flag safe_mode Off", though I'm not certain I put it in the right place. There is only one website on this server. With the CGI php on my old server, I was able to create a local php.ini file to overwrite global directives, but that seems to have no effect with the Apache Handler on my new server.
View Replies!
View Related
Safe To Run Your Website And WHMCS On The Same Account Or Site?
Is it safe to run your website and WHMCS on the same account or site? Say for example I was running Joomla and WHMCS on the same account. If ever a vulnerability in Joomla was found which allowed hackers to view, edit, or download files on the account, this could mean whmcs getting hacked into. End result would be all account information being stolen or worse all the account being deleted or hacked.
View Replies!
View Related
Stop Exploits And Malicious Execs: Safe Mode
I decided to apply PHP safe mode to my servers, considering: - I cannot prohibit using exec functions (some binary uses are needed, like host, mysqldump, etc..) - I cannot restrict at all via UID/GID method at bins due to several problems.. Safe mode is the final sollution, as I only need "safe_mode_exec_dir" config to set a folder with the necesary binaries... this will stop nobody user (Apache) to exec whatever it wants, like perl, binaries uploaded to an public insecure folder (exploits), or anything else... people only could exec() the binaries I want and where I want. This will stop finally 95% of my hack problems. Well. The problem is safe_mode is enabled or not, but you cannot set o disable certain features of this safe mode, like UID/GID checks (*******!)... I am trying to configure so only "safe_mode_exec_dir" would apply, so: - Including UIDs checks disabled by: safe_mode_include_dir = "/home/" (tested) - Some variables set to NULL, as safe_mode_allowed_env_vars or safe_mode_protected_env_vars... - safe_mode_exec_dir = "/usr/phpbin/" Great! with symbolic lynks in... the best sollution available for me. - open_basedir = "/home/" (for fopen, etc...) Ok ok.. but problems there.. by example this one: Quote: Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32015 is not allowed to access cache/dynamic_fields/modules.php owned by uid 99 in /home/yyyyyyyyy/public_html/chn/modules/DynamicFields/DynamicField.php on line 823 Great.. fopen is under UID/GID checks, but it is not an include, so safe_mode_include_dir would not apply... Now fopen, link, unlink, etc.. functions are UID restricted and this seems to be impossible to disable.... pffffffff... can you share your safe_mode configs or sollutions for this problem?
View Replies!
View Related
Is It Safe To Put /usr/local/bin In Basedir
I am trying to assist a customer install a Dolphin CMS but it returns some "open_basedir restriction in effect" on /usr/local/bin/php (it needs the path to the PHP binary). If I put /usr/local/bin/php in httpd.conf -> php_admin_value open_basedir "..." it seems to work and it finds the required binary but...is this safe?
View Replies!
View Related
Hacker Safe, TRUSTe, BBB And Trust Guard Seals
I am starting a online sotre. Someone told me to keep third party seals for good response. Please recommend me which seals to be used Hacker Safe, TRUSTe, BBB, and Trust Guard I think Trust Guard seal give a multi package for all security,privacy and business verification. Shall people know it? Is it worth money?
View Replies!
View Related
How To Secure Your Php.ini File Safe Mode ; Disable_functions ; Etc
what are the most important issues for secure php.ini file like when you turn your SAFE_MODE ON or OFF? or please who every read this topic to post his important disable_functions in php.ini ... and if some functions disable to post it ... let's make this subject for the most important issues for secure your php.ini from script-kids as we can ... here i have some important question's for anyone has or controlling a server ; vps .... #0x01 ; what the most important disable_functions for the php.ini? #0x02 ; is the safe_mode should be enabled? or disable? and this depend on what exacly? #0x03 ; what the functions or any trick to control the nobody ( attacker on the server or shell ) FROOZ .... didn't move ? or make any command in the server ... #0x04 ; i saw in some secure server ( as they say ) they changed the Server : discribe to them name[s] like Server : SECURE BY US .COM OR SECURE SERVER .. uname -a : Linux secure.secure.com 2.6.9-023stab040.1 #1 Mon Jan 15 23:24:32 MSK 2007 i686 athlon i386 GNU/Linux sysctl : linux 2.6.9-023stab040.1 Server : SECURE BY US ! < [THIS WHAT I MEAN HOW COULD WE CHANGE IT IN PHP.ini ?] id : uid=99(nobody) gid=99(nobody) groups=99(nobody) <[how can we cannot make this nobody to have the host id ! everyhost in the server should have his own name and php.ini ?] pwd : /home/host/public_html/ #0x05 ; how can we hide the uname -a on the shell [ the attacker upload it to our customer site !] #0x06 ; how can we hide the sysctl to view to anyone like [ attacker ] ... #0x07 ; how can we rewrite on he Server Type the display for our secure message?Server : SECURE BY US ! #0x08 ; how can we give evey site and customer his php.ini file in his public_html? and how can we give him [ JUST HIS PERMISSION TO HIS SITES FOLDER AND NOT OTHER PATHS AND PERMISSION!] these question every one had a server ; vps , need to know and secure his box from other ... and anyone would like to publish any new [secure or not] idea please let us know what you would like to say ....
View Replies!
View Related
To /tmp Or Not To /tmp
I am setting up a new server and reading conflicting points of view on whether to mount /tmp with noexec or not....basically if it really does anything as it can be gotten around...what say you all?
View Replies!
View Related
(/tmp) Full
i dont know what is going on exactly look at this 2 commands Code: root@host [/tmp]# ls -hl total 92K Code: root@host [/tmp]# df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda5 10153988 406444 9223428 5% / /dev/sda8 1019208 900620 65980 94% /tmp how is that possible ls -hl shows thats the space used is 92kb while df shows 65980 94% for /tmp
View Replies!
View Related
I Cant Secure My /tmp
i want to secure my /tmp and do this: so i try this link [url] so: cd /dev dd if=/dev/zero of=tmpMnt bs=1024 count=150000 /sbin/mke2fs /dev/tmpMnt cd / cp -R /tmp /tmp_backup mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp but i have this error: root@server [/]# mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp mount: no permission to look at /dev/loop#
View Replies!
View Related
/tmp File
I was playing around with this and that as you do, and somehow changed my /tmp folder from rwxrwxrwt to rwxrwxrwx - iv tried running chmod 1777 /tmp as someone suggested that but nothing seems to of happened?
View Replies!
View Related
/tmp Filling Up
I've been receiving emails from cPanel telling me that the /tmp partition is filling up. Right now it's at 6%, but I run a couple of crons early in the morning (mysqlcheck, then a backup of my databases). It seems like whenever mysqlcheck runs, the /tmp partition comes close to filling up. My partition scheme is like this: / | 1.5G /usr | 7.7G /var | 7.7G /tmp | 494M /home | 210G /backup | 230G When my server was set up, my host (dedicatednow) partitioned /home to be 210 GB, leaving little extra space for everything else (/backup is a separate drive). /home is only 1% in use. They're telling me that the only thing that can be done is to reformat the entire drive and choose a different partition scheme... is that true?
View Replies!
View Related
'/tmp' Is Mount
I recieve an error related to tmp directory while i try to install something. How can i mount it without a problem? ./xxxxx.Linux.i386.rpm.bin: /tmp/xxxxx_test.sh: /bin/sh: bad interpreter: Permission denied ./xxxxx.Linux.i386.rpm.bin: The directory '/tmp' is mounted with no execution permissions. File: /etc/fstab Code: /dev/VolGroup00/LogVol00 / ext3 defaults,usrquota 1 1 LABEL=/boot /boot ext3 defaults 1 2 tmpfs /dev/shm tmpfs noexec,nosuid 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 /dev/VolGroup00/LogVol01 swap swap defaults 0 0 /swapdosya swap swap defaults 0 0 /tmp /var/tmp ext3 defaults,bind,noauto 0 0 /var/tmpMnt /tmp ext3 loop,rw,noexec,nosuid,nodev 0 0
View Replies!
View Related
/tmp And ModernBill
I'm trying to get ModernBill installed here and it gives me the error about the temp directory however it is in fact there and there are other files in it. Any ideas? PHP Settings and Capabilities Critical requirements not satisfied. Please prepare a suitable environment before continuing. You MUST have a writable temporary folder [you do not].
View Replies!
View Related
/tmp Clean?
I have some problems with /tmp: When /tmp is more 20-50% clean out /tmp directory : rm -f /tmp/sess_* rm -f /tmp/*.wrk it cleans tmp folder, but size folder still big and 50% . I fix it : Run the following commands : /bin/umount -l /tmp /bin/umount -l /var/tmp /bin/rm -fv /usr/tmpDSK /scripts/securetmp and it's OK. The partitions remount only helps to fix it. Is it problem the file system ext3 ? Is there a wey yet to fix /tmp ? FC6 cPanel tmpfs ext3=2 Gb.
View Replies!
View Related
/tmp Ownership
when i run CSF security check i get Check /tmp ownershipWARNING/tmp should be owned by root:root the /tmp seems to be set to nobody:nobody Is it a Security Risk.? Other options are set fine on /tmp Check /tmp permissionsOK Check /tmp is mounted as a filesystemOK Check /tmp is mounted noexec,nosuidOK running centos + cpanel and Apache 1.3.x
View Replies!
View Related
/tmp Screwed
I'm not sure what is wrong with my /tmp directory. Everytime i try to do a PHP file upload, it comes up as fail because the uploaded file would not go to tmp, or is somehow stuck there as the filesize returns 0kb. Anyone knows where to start looking to fix this problem? tmp mount: /dev/tmpMnt on /tmp type ext2 (rw,noexec,nosuid,loop=/dev/loop0) ls tmp returns: drwxrwxrwx 4 root root 4.0K Aug 15 10:42 tmp
View Replies!
View Related
/tmp Permissions
while am installing some software wordpress plugins [ podpress ] i have some problem in /tmp permission to the site owner! how can we handle this problem so i can have a permission in my tmp folder i try to chmod the tmp to 777 from the SSH root ... but the problem didn't solve ...
View Replies!
View Related
Is This Normal In Tmp
I found these strange random name files on the tmp anyone know what are they and are that normal? 4Hq7Xb Dbrfns lost+found MGlWaF p6w849 PP5uVI SoArWn spamd_light.sock ToL3Ah Vt0ICH xEgXsU zVLVDa AGs49w fcKNmJ LyC11q O3VQwM pAD0WL psa spamd_full.sock tLnzRx tXqqGI x7uxxo XuFzJl
View Replies!
View Related
/tmp Exploits
An abuser is loading files to a server's /tmp/ folder and I'm having a tough time figuring out which user's script is responsible for this. The attacker isn't gaining root, but is running irc bots as user nobody. Any tips regarding how to figure out which script has the hole which is allowing this to happen? Also, how do I secure the /tmp folder so no files uploaded can be executed?
View Replies!
View Related
|
TRACKER
