I've recently moved to a new server in which I don't have root, so bare with me.
For some reason when I upload a file with 'move_uploaded_file($tmpName,$new_filename)', it seems to work fine - but when I check it, try to download it (http or ftp), or change the permission - I can't, because its set to 600 for some odd reason, and owned by the user Apache is setup on.
On one of my servers i can't CHMOD 777 Files, but i can CHMOD 777 Folders.
Files are chmod 777 but on scripts installation... It's Said Please Chmod Example.php to 777
Centos 5
PHP 5
Apache 2.2.3
I have opensuse 13.1 on my server and i folow this tutorial: URL....but as you see this is for opensuse 12.2, but i manage to run everythink only apache2 server.Well i get this error, but i run vhost.No user or group set - set suPHP_UserGroup..Well apache2 is rurning as every other thinks on server only web page dont show and i get error: Server error!
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
I've run into a wall trying to run apache with multiple websites allowing users to use FTPd to manage files.
I'm running FreeBSD 7.1 on Apache 2.2.x
The issue is that Apache runs as www:www but FTPd writes the files as username:client. When performing some scripts that edit back-end files, this obviously can cause errors.
The data for each directory is stored in /home/username/www
I looked into some apache directives I could use. I tried putting User and Group directives into the vhost configuration for each vhost, but that did not work. I even found the perchild module and it looked like it can do the job but was a bit scared and turned off by the fact that it states it is beta at the top of the page. (I cannot link to it because I do not have enough posts.)
I'd appreciate if you can point out some links, or if anyone is willing to help me for a fee, we can talk about it.
I have a web application called MyApp
- Each MyApp user has 5gb hosting, and a web interface to manage their files.
- Therefore MyApp user gets a user account on linux machine and has access to only one directory /repo/usr/<user_id> and nowhere else. (suexec?)
- If that MyApp user creates a subdomain from any folder inside his home folder (he can do that using web interface), that folder is readable by www-data user not writable.
- That myapp user is able to mount/unmount his own ftp drives using curlftpfs.
- In short, users can only mess with their own files and they have no access nor rights to any other file that is outside of their home dir.
In short, this is a kind of hosting company server setup. Right now, we will have to manage all this from -only- one powerful server.
APache is running under the "nobody" user/group as default in CPanel servers
as a suggestion I should change it to another user/group to improve security!
But in CPanel servers its hard to do that because you must edit some scripts and files to prevent the backing to nobody when running some scripts such
PHP Code:
/scripts/chownpublichtmls/scripts/enablefileprotect
or when create a new account
Some sites says "the secret of changing the user/group is in the UID/GID of nobody < 100 !"
so I found a solution :
1 - delete the user/goup nobody
2 - recreate it with GID/UID > 30000
3 - run /scripts/chownpublichtmls
so the question is that solution improve security or i should change the user/group to another one! like "www"?
My apache VPS is having a minor problem.
Using SSH, I gave permission to my FTP username with code below:
chown -R user:ftpgroup /home/site
But my WP theme needs to set up that user I use is rewritable and use this code:
chown -R www-data:www-data /home/site
since using a php code to check WP user and it shows www-data.
MY PROBLEM: I need my FTP to able to write cause i use plugin to create backup and change plugin. My theme also need for both to work.
I can't seem to make run together. I can change group or FTP as long as I can have m WP working.
I am using apache with subversion and need to redirect a request for a file to a different file based on the user that has made the request. It appears that the URL for the requested file could be changed on the fly using RewriteMap; however, is there any way to get the User (as typically given in the request_rec available to apache hooks) making the request in the program used?
View 2 Replies View Relatedi have 2 questions
1 ) iwant limit one user on the cpanel limit on the apache conections?
2 ) i want limit one user not use download manager for site clients
Here is what i have:
- Webserver for member to download which is using user/pass from .htpasswd to allow anybody can see file or download.
What i need:
- any software(code) can show me who log in and when, how much they download, how many time did they login. ---> this to prevent account from to be shared between many people.
- some sort of tool or software can allow me to add new user/pass quick since i am manuallly adding new username/password encrypted to .htpasswd file.
what software to use( or to buy if not so exspensive).
I have a rewrite for mobile clients :
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|iphone|ipad|nokia" [NC]
RewriteRule ^$ https://www.myudomain.com/Mobile [L,R=302]
My mobile site is HTML5 written and old phones doesn't support it. How to exclude f.x. old nokias - like 6220 and rewrite old phones to /Mobile_old?
configure Apache server to handle users requests using condition based on where he come from so i can redirect him . what i need if user came with from site start with xn--* redirect him to virtual host and if he came from any other link then go to another virtual host
View 2 Replies View RelatedWhen a php framework try to create a new folder, it's created with apache: apache owner instead the user and group owned the root folder.
the PHP safe_mode is set to off.
I've just moved from a reseller account with ResellerZoom, so a VPS with SolarVPS.
When I was with RZ all my scripts could write to folder with the 755 permissions. On the vps I have to alter the folder I want the script to write to to be 777.
Which the is best and most secure?
I think I understand that if a folder is 777 then anyone on the server can write to that folder. So I assume some sort of thing that stops users being able to access folders outside of their own folders is needed? is that right?
I have a server running php 5.2.4 with CGI as Server API and suexec, but I cant create dirs in php with chmod 755. When I use mkdir("/home/user/public_html/$dirname", 0755); it creates the dir with chmod 744. Why?
I can change later this chmod to 755 in php with the chmod function. But why my server doesnt allow the directory to be created as 755? Where can I configure it?
How change CHMOD for all files *.php on account /home/user/publc_html?
I user chmod -R *.php
but this does not work for subfolders /home/user/public_html/subfolder1
I am getting this error and I just installed apache 2.2 and added a user using useradd user. When i added into the virtual which is:
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /home/user/public_html
ServerName user.com
</VirtualHost>
It does not find the public_html folder I added. Is this a permissions problem? or something else?
Is it possible to verify client certificate based on username?If possible, How can we implement it in our httpd-ssl.conf file.
View 1 Replies View RelatedI have several applications that use authentication and expect REMOTE_USER to be set by Apache for authentication/authorization.
I am putting a reverse proxy, with shibboleth in front of these applications, on a separate server.
Currently, REMOTE_USER is not sent. I have tried a few things, and I am currently sending it inside another header, but I have some applications that are closed sources and this will not work.
Is this possible to do? I am running this with Apache 2.4.7, I believe, on the Windows platform.
We have several sites on one server. When I use the plesk wordpress manager it some how updates the User and Group permissions on folders and files with the username apache. How or what command do I run to get it to use the site username and psacln. It appears something maybe in an update or whatever has caused this issue. This only occurs with wordpress and drupal updates from the plesk interface.
What command can I run just to update the permissions to update all users to a username and psacln security settings on folders and directories.Running Plesk 12.0.18 and CentOS7
I was wondering if it were possible to chmod a directory that is set to a low number to 777 using a shell or command and if so can anyone point me in the right direction as to how to go about doing so ??? I am trying to learn a little and i pefer using my browser to edit files rather then a ftp client.
View 9 Replies View RelatedI know you're not supposed to use 777 but it seems some scripts just simply won't work without it, what steps needs to be taken to avoid using 777?
as far as i understand we're only supposed to use 775 for folders and 644 for files correct?
I just moved my folder_A from computer A to computer B, what is the command to change the permission of owner, access, group for every files in that folder_A at 1 time?
in the folder_A has hundred of files. Let's say , i want to change owner = laptop, access = read and write, group = user, access = read and write , what is the specific command to do that for all the files in folder_A at 1 time?
I get the following error when let my site connect to my database: Access denied for user 'apache'@'localhost' (using password: NO)
But when im running lil test script which connect to my localhost with the same passwords and it gives the status 'Connection OK' (im running on admin account, made a MySQL account with DA)
Code:
<?php $link = mysql_connect('localhost','admin_removed','removed'); if (!$link) { die('Could not connect to MySQL: ' . mysql_error()); } echo 'Connection OK'; mysql_close($link); ?>
I use Basic Auth to limit access to a web site. This seems to work ok. I noticed though in the logs that the logged in user is not logged:
80.....188 - - [16/Jul/2013:09:56:29 +0200] "GET ..." 200 1844 "...." " ...
I would expect the second - to be replaced by the logged in user. The doc says, the user is logged if the document is protected. I do protect the whole directory using directory match. Without log in I fail to retrieve the document in question.
How to change chmode directory with ssh?
what best rootkit cheker for centos 5.3?
what should be ideal chmod permission for public_html and other folders.
is 755 fine ? what is most secure one
i need to find al www folders within home directory with 777 permissions and need to chmod to 750.
if possible post the command to do it
Is there a way in ubuntu 8.10 to have default chmod? everytime someone uploads a file they have to chmod it so that it can be seen/used by the web.
View 5 Replies View RelatedRunning programs named Perl with Heavy CPU usage, with the ownership of user apache.
We found the problem on Fedora 3 and Fedora 6.
In our case, it was the result of a Trojan activity.
Quick Solution
Check the cron jobs of user apache
crontab -u apache -e
*/1 * * * * perl /tmp/.tmp/tmpfile
delete the cronjob entry.
Also delete the file /tmp/.tmp/tmpfile
also added "apache" to the file /etc/cron.deny
That's all
Problem and solution in detail....
