I used to have my apache 1.3.37 with PHP compiled as a CGI. Whenever i have a php script (say vbulletin forum software) that allow file uploads, files will be uploaded with the correct userid and groupid on the server. However, once i compiled PHP as ISAPI module, the files will be uploaded but will be owned by 'nobody'. Of course i can log in as root and chown it back to the right user, but it's a hassle if there are multiple user accounts on the server and they're using php software on their end. If someone is using an ftp program and tries to overwrite that uploaded file that's owned by nobody, it will not let them do so. Is there a way to fix this, or change the config files that would fix it?
I have a dedicated server, the server itself is secure (as far as I know) and I run lots of my sites from it. I offered a friend hosting for his flash based chat application he built.
Today I was contacted by someone; "Are you the owner of xxxx.net?" so I informed that yes, it was my server and they then showed me an email they'd received from my server. I did a search and apparently someone uploaded mail.php and a couple of files it was using to send out spam based upon a variety of conditions that the other files met. The files contained forenames and surnames, it'd use a forename and a surname then send it to popular free mail services. The email contained ramblings about new world order and promoted a website.
How can I find out how they got the files uploaded to the account and what action can I take? I checked the whois for the domain and have their contact information, however it's a large site so I'm doubtful that the owner did it. I don't want my servers IPs being blacklisted for spam :|
I am wanting to know if there is a way to stop files being uploaded to my vps, via ftp cpanel etc that are malicious..
I have been told there is a way to do this but i havent been told how..
Basicaly i want to know if there is something where i can add a list of keywords that are in the malicious files and what ever it is will stop them from being uploaded or if they manage to get uploaded onto my vps will it make them not work?
I am looking into this as i had an issue before where someone uploaded a shell onto my server :@ luckily it didnt cause no damage or he didnt get anywhere but i still want to be safe.
I've recently started experiencing some issues where files uploaded through Joomla or some other scripts (mostly PHP) inherit a permission of 600. Prior to updates being done on the server I'm hosted on, uploaded files received 644 permissions and all things worked great.
I've checked the umask that assigned to the shell (022) and have ruled out that as a problem.
I couldn't keep my mouth shut (technically fingers). A customer wanted to upgrade servers and he needed a way to move the data across. Since I don't allow hard drives to be swapped, they have to do it manually all by themselves. I generally allow up-to 4 days for them to transfer data and make DNS changes, etc. But this time, I offered help! I agreed to move the data (darn me) and it just came out of me, involuntarily.
God knows what just happened... but in a positive way, customer is extremely happy!
Both servers are on cPanel - with root access (duh)
200 odd files which total to 25 GB
1 database about 100 MB in size (no biggie)
I was planning on using one of my Windows 2003 servers (via remote desktop) to download the 25 GB and upload the 25 GB, but that sounds like a waste of resources and time.
We have found that we need to limit the amount of cpu uage by users on our video share server. On this server we currently have 20 users on a sharred plan. Thought that the obvious BW usage would be the biggest challenge, as it turns out we havent gone over the 2 TB that we have.
We have come up with an encoding process that uses the 264 codec and gives us excellent results in terms of quality but is very cpu intensive to the point of really slowing down the server when 10 or more users simutaneously are encoding their videos.
Can someone suggest a script that would allows us to limit the file size in terms of MB/GB that each user could upload per month.
So for example a client pays 10.00 per month and we wanted to limit their uploads to a total of 900 MB per month vs the client that is paying 50.00 per month who would have the ability to upload say 8 GB per month.
When I download a file from my server, only specific extensions are working. This is really annoying since I want to be able to see how much time left to finish a download.
For example I uploaded a video with .vob extension file.vob --> does not show filesize when downloading
If I rename the same file to different extension: file.avi --> works fine shows filesize when downloading file.mp3 --> works fine shows filesize when downloading file.rar --> works fine shows filesize when downloading file.mp4 --> does not show filesize when downloading file.wmv --> does not show filesize when downloading
These are direct download links, not using any download scripts or anything. Why are some extensions displaying the filesize and some not displaying them? I am using Apache 2.x server.
I been having a heck of a time just with this one cpanel server and open files limit. At first using open_files_limit did not work so I changed it to open-files-limit that seemed to work but now it rejects the value and sets its down to 65535.
Then system open files limit is 500000. I try to set it to any value about 65535 in my.cnf and here is usual error:
090630 9:32:07 [Warning] option 'open_files_limit': unsigned value 120510 adjusted to 65535 090630 9:32:07 [Warning] option 'open_files_limit': unsigned value 120510 adjusted to 65535
When I run something like the tuning-primer it shows:
Current open_files_limit = 120510 files
The open_files_limit should typically be set to at least 2x-3x that of table_cache if you have heavy MyISAM usage.
Your open_files_limit value seems to be fine
But Im not sure if it is just reading my.cnf or something. I am still getting complaints from users about lost connections and I see the errors in error log. Ive looked everywhere and cant seem to find a solution to this.
How to increase the Open Files limits descriptor in Apache. In the earlier version of Cpanel, we had an option of Raise FD Size Limit to 16384, but the option no longer appear while rebuilding Apache. What is the way to do it and make the change permanent?
Domain has PHP Settings in Plesk set to 2G and I get this error when uploading a 48MB file using Wordpress. I assume I need ot modify this manually in conf file somewhere to allow uploading large files?
Requested content-length of 48443338 is larger than the configured limit of 10240000..
mod_fcgid: error reading data, FastCGI server closed connection...
One of our resellers has an account.. When looking into cpanel, it says that that account is using 3300megs. When we go into the ftp of that account, in reality it is only using 1.3megs. This is a huge difference! Most of folders are empty. We are using the latest version of WHM and Cpanel.
Which one would you consider using the most? Currently I use vsftpd and while it's fast and light, it's a real pain in the butt to add new users I've found (adding shell users except it doesn't always work). I was reading up on how to add users on pure ftp and they had something called virtual users which looked really nice...
3. I setup vsftpd with chroot to each virtual host.
This works very nice as long as each client has only one ftp account. But if a client(website1) wants to have multiple ftp accounts( ex. john, john100, john200), they would mess up the file ownership when they upload and change files. Since suPHP executes PHP scripts with the permissions of their owners (suPHP_UserGroup John group1, suPHP would complain their setid is mismatched because the John100 is not the suPHP_USERGROUP owner(John). I have tried Virtual Hosting with Vsftpd and Mysql, that didn't work because all the virutal users would be acting as one user (guest_username=virtualftp) when they upload and change files. I am wondering if there is ways to allow multiple ftp accounts for each Virutal host working together with suPHP. Or It is possible for ftp user to change ownership once they log in.
With Red Hat Enterprise Linux 4 (RHEL 4), are updated packages made available, or are only security patches backported? Specifically I'm interested in vsftpd. Version 2.0.1 is included in the RHEL installation on a server I'm working on, but there is a bug fix in v2.0.4 that I'd like to get access to.
Is there an easy way for me to browse / search what packages are available for RHEL 4, preferably via website?
I been using plesk, and cpanel so this is the first time I have Webmin for my CentOS.
After some googling and reading, i able to install apache, mysqld and vsftpd (for some reason, my host (hivelocity) didnt install these. So this is my setup.
a.com: in godaddy, i add nameserver host as ns1.a.com and ns2.a.com and change the dns to point to that
b.com: in godday, point dns to ns1.a.com and ns2.a.com BIND DNS Server
I create two master zone for a.com and b.com a.com
$ttl 38400 a.com. IN SOA server.a.com. abc.yahoo.com. ( 1226206691 10800 3600 604800 38400 ) a.com. IN A 22.214.171.124 server.a.com. IN A 126.96.36.199 a.com. IN NS server.a.com. mail.a.com. IN A 188.8.131.52 ftp.a.com. IN CNAME a.com. www.a.com. IN CNAME a.com. a.com. IN MX 10 mail.a.com. b.com Code: $ttl 38400 b.com. IN SOA server.a.com. abc.yahoo.com. ( 1226206691 10800 3600 604800 38400 ) b.com. IN A 184.108.40.206 server.a.com. IN A 220.127.116.11 b.com. IN NS server.a.com. mail.b.com. IN A 18.104.22.168 ftp.b.com. IN CNAME b.com. www.b.com. IN CNAME b.com. b.com. IN MX 10 mail.b.com.
I created 2 virtual servers for a.com and b.com /home/sites/a.com/html /home/sites/b.com/html
I create an index.php in a.com/html with content: "a.com YEAH"
I create an index.php in b.com/html with content: "b.com YEAH"
After wait for dns to propogated,
when i try to go to a.com, content "a.com YEAH" shows up.
But when goto b.com, content "a.com YEAH" shows up? Why?
Also, when goto ns1.a.com, content "a.com YEAH" is there.
I also has problem with vsftpd but let fix that later.