Problem With Files Owned By 'nobody' When Uploaded

Aug 4, 2007

I used to have my apache 1.3.37 with PHP compiled as a CGI. Whenever i have a php script (say vbulletin forum software) that allow file uploads, files will be uploaded with the correct userid and groupid on the server. However, once i compiled PHP as ISAPI module, the files will be uploaded but will be owned by 'nobody'. Of course i can log in as root and chown it back to the right user, but it's a hassle if there are multiple user accounts on the server and they're using php software on their end. If someone is using an ftp program and tries to overwrite that uploaded file that's owned by nobody, it will not let them do so. Is there a way to fix this, or change the config files that would fix it?

View 3 Replies


ADVERTISEMENT

Filter Uploaded Files

Mar 5, 2008

I want to filter any files uploaded and i have put this line at php.ini
suhosin.upload.verification_script = /my path

But my problem till now i can not make this script. (Disable upload php files)

View 1 Replies View Related

How To List Down All Files Owned In 'root' Inside /home

Jun 3, 2008

I wanted to list down all files owned by 'root' inside /home directory and all users directory inside /home/users including subfolders and everything!

the command below works but only works when executed within the working directory.

ls -l | awk '{print $3" " $9}' | grep root

View 4 Replies View Related

How To Find How And Who Uploaded Files- Spam - Action I Can Take

Mar 27, 2009

I have a dedicated server, the server itself is secure (as far as I know) and I run lots of my sites from it. I offered a friend hosting for his flash based chat application he built.

Today I was contacted by someone; "Are you the owner of xxxx.net?" so I informed that yes, it was my server and they then showed me an email they'd received from my server. I did a search and apparently someone uploaded mail.php and a couple of files it was using to send out spam based upon a variety of conditions that the other files met. The files contained forenames and surnames, it'd use a forename and a surname then send it to popular free mail services. The email contained ramblings about new world order and promoted a website.

How can I find out how they got the files uploaded to the account and what action can I take? I checked the whois for the domain and have their contact information, however it's a large site so I'm doubtful that the owner did it. I don't want my servers IPs being blacklisted for spam :|

View 3 Replies View Related

Stoping Malicious Files From Being Uploaded ( Cpanel)

Jun 27, 2009

I am wanting to know if there is a way to stop files being uploaded to my vps, via ftp cpanel etc that are malicious..

I have been told there is a way to do this but i havent been told how..

Basicaly i want to know if there is something where i can add a list of keywords that are in the malicious files and what ever it is will stop them from being uploaded or if they manage to get uploaded onto my vps will it make them not work?

I am looking into this as i had an issue before where someone uploaded a shell onto my server :@ luckily it didnt cause no damage or he didnt get anywhere but i still want to be safe.

View 5 Replies View Related

Limit The Size Of Uploaded Files Using VSFTPD

May 26, 2007

I have a RHEL 4 plain server, and im using vsftpd server, i can not find an option to specify the max size for uploading files... does anybody know something about this?

View 1 Replies View Related

Files Uploaded Via Scripts & Joomla Have 600 Permissions

Jun 26, 2007

I've recently started experiencing some issues where files uploaded through Joomla or some other scripts (mostly PHP) inherit a permission of 600. Prior to updates being done on the server I'm hosted on, uploaded files received 644 permissions and all things worked great.

I've checked the umask that assigned to the shell (022) and have ruled out that as a problem.

View 7 Replies View Related

Plesk 11.x / Linux :: Can't See Files Which Are Uploaded With Script

Mar 1, 2014

I am using a upload script for my files. After upload i cant see them on ftp but can see on panel file manager.

View 9 Replies View Related

Apache :: Created FTP Account With Vsftp And Files Uploaded Are Not Readable

Jan 17, 2014

I created a FTP account with vsftp and files uploaded are not readable via www-data

View 1 Replies View Related

Account Not Owned By Anyone In WHM

Feb 21, 2007

There is a domain name in my WHM that does not seem to be owned by anyone, it just gives the username for the domain like below, but does not show who the domain is owned by (ie: root).

Code:
Example: ukstuden()

How can I fix this?

View 8 Replies View Related

Tembak.c Owned By Nobody

Nov 19, 2007

i have a tembak which is compiled from tembak.c and takes up processes. i have deleted the files from the server however it pops backup again in the same directory.

View 4 Replies View Related

Servers Owned

Jun 27, 2007

this webhost is your classic insecure VPS here is an chat transcript I sent the tech support

----------

%nslookup 83.138.144.36
Server: 192.168.1.254
Address: 192.168.1.254#53

Non-authoritative answer:
36.144.138.83.in-addr.arpa name = stresa.hostireland.c0m.

Authoritative answers can be found from:
------------

from email from 83.244.130.107 and to website 83.138.144.36/~rhyno

ictom: eqwrt

You are now speaking with Mitch of Support.

Mitch: Hello, thanks for contacting support how can i
help you

victom: hello

victom: I just called a while ago about phishing site

victom:
____://83.138.144.36/~rhyno/rams/sitekey.bankofamerica.com/sas/signon.do&detect=2/

Mitch: Yes, I belive you were speaking to Anthony

victom: heh ya I ran out of min on my account

Mitch: ok, What i would ask you to do is place a
trouble ticket via PAM and i will forward this to our
senior technicians and admin team for further review

victom: firefox picked it up as a phishing website but
IE6
is not so lucky

Mitch: More then likley due to the outdated security fetures in IE6 it is becoming easy to get around it

victom: that and your running some exploitable services on that VPS prob. I use to work for a webhost

victom: trouble ticket via PAM?

Mitch: Are you currently a Host ireland customer?

victom: Hell no I got a spam email from umm hold

victom: 83.244.130.107

Mitch: Ok, So we can track this issue could you please send us an e-mail to support@hostireland.ie

victom: so looks like you got at least 2 owned boxes

victom: sure

View 0 Replies View Related

Any Review On Cogent Owned Colo

Sep 2, 2009

there is anyone out there who has their infrastructure colocated in cogent owned datacenter. And how stable and secure is it. The only reason i m interested in Cogent owned colo is that they provide solid SLA.

View 14 Replies View Related

Is Powweb And Dot5hosting Owned By The Same Owner? Or Are They Diffrent?

Apr 11, 2008

I'm looking both at powweb website and dot5hosting and the products page look exactly the same with different colors. Are they owned by different owners, or do do their pages just look the same?

Here are the links ....

View 11 Replies View Related

Black Owned Dedicated Web Hosting Company

Oct 25, 2008

Just wanted to know if anyone know of a black owned dedicated web hosting company?

View 11 Replies View Related

PHP MKDIR OWNED Apache User / Group

Feb 17, 2015

When a php framework try to create a new folder, it's created with apache: apache owner instead the user and group owned the root folder.

the PHP safe_mode is set to off.

View 3 Replies View Related

FTP - Uploaded File Not Overwriting

Jan 5, 2008

Does anybody understand what is going on here?

Here is the problem:

I log in to FTP and I try and upload an updated file (the file already exists on server). It prompts me to overwrite and I say yes but when I refresh/check the site the page hasnt changed - I then tried uploading the file again and it still says the existing file size (so I know it hasnt been replace).

Any idea why it it not overwriting?

The files are CHOWNed my the owner (FTP user) which is myself.

View 11 Replies View Related

Uploaded File Size 0 KB

Feb 2, 2008

I uploaded my file to web server(html, image file and css file), but strangely after uploaded it to server all file that I uploaded size 0 KB. I uploaded it using WS FTP.

Is there something wrong the way I uploaded it.

View 2 Replies View Related

Hosting For Music And Video That Is Owned But Copyright Protected

Feb 5, 2009

have built quite a library of music now. It would be great if I could upload music to my hosting account, and then just access it from my phone. Would that be allowed so long as I did not share this music with others? Where might I be able to set this up? I checked with hostgator and they said it was not okay.

View 9 Replies View Related

Someones Uploaded A Phishing Site

Jul 31, 2007

Someones managed to upload a phishing site to my VPS.

How do they normally achieve this, there has been no unauthorised root access as I get e-mail each time someone log in as root.

Is it likely they've just managed to guess my ftp password, or is it going to have something to do with a script running elsewhere?

I've got solarvps looking at it now.

View 14 Replies View Related

Shell Uploaded - Site Hacked - How To Trace ?

Nov 6, 2008

Shell uploaded - Site hacked - How to trace?

Many of my customers let me know that their websites had been hacked. I think it comes from local hacker ....

View 7 Replies View Related

How Many Websites Can Be Uploaded To One Single Webspace Account

Oct 20, 2008

How many websites can be uploaded to one single webspace account

View 9 Replies View Related

[newmailcgi] Recently Uploaded CGI Scripts On CPanel Server

Dec 11, 2007

Whenever someone uploads or re-uploads to my server a file relating to a CGI script that sends mail, I get an email with something like:

Quote:

Note: If this is the first time you received this mail, it contains the history for the entire month so far.

Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.

/home/xxxxxxx/public_html/followup/send2.php:106: if($sc == "buchanan") {
/home/xxxxxxx/public_html/followup/send2.php:107: mail($email, $subject, $creative, $headers);
/home/xxxxxxx/public_html/followup/send2.php:108: }
---
/home/xxxxxxx/public_html/followup/send.php:100: if($sc == "buchanan") {
/home/xxxxxxx/public_html/followup/send.php:101: mail($email, $subject, $creative, $headers);
/home/xxxxxxx/public_html/followup/send.php:102: }
---

What steps can I take to actually inspect them to ensure they are not sending out SPAM?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved