I deleted my tmp folder and mounted a secure tmp file via fstab
e.g.
/path/to/tmp /tmp ext2 loop,noexec,nosuid,rw 0 0
the temp files are now written to a secure tmp file, however some processes still need that folder for example cpanel.
"Failed to create directory /tmp/cpanel.TMP.xxxxx"
Should I ignore that and similar error messages or what am I supposed to do?
On my VPS I would like to set the /tmp folder to 777 and point to it with session.save_path.
The VPS will host a number of sites, but I will have sole control of them. ie. the account holders will not have access to cpanel.
If it makes any difference, the server is running phpSUexec.
What are the risks involved with this?
How to secure /tmp folder on cpanel server with Centos?
what is permissions?
Is there any way to reset it ?
View 2 Replies View RelatedDoes anyone know of a CDN that can provide secure file delivery for 100+ people? I'm looking for something that will allow me to send product download links to customers and have them only download the files once each. They mustn't be able to view or distribute the actual file location for their friends to download.
I'm looking for a pay as you go service with no sign up fee.
I know simpleCDN offers pay as you go, at a rate of $0.09 per GB with no sign up fee, but they only seem to offer http and https delivery at present, which is half way there, but it lacks the secure delivery.
I know Edgecast offers a 'secure token' system that allows download links to be sent out that can only be used once. However, they have a whopping $550 sign up fee, and then a whopping $550 per TB transferred. This has the secure delivery, but lacks the pricing my company can afford.
Does anyone know of any more CDNs that have this secure download link function?
The 'secure token' functionality of Edgecast is a good idea, but even a CDN that just allows you the standard function of creating multiple FTP accounts with different permissions will do to trick.
I am running a large scale business and some time I have to transfer large and very important data files to my business partner. I fear about my data because there are many of my business competitors who will definitely try to steal my important data. So there is huge amount of risk involved in sharing my important data on Internet. I recently heard about secure file transfer technique from my friend who is working in well established software company. Does anyone have any idea about what is Secure File Transfer (SFT) service and how does it work?
View 2 Replies View RelatedI don't know where to ask this question so hopefully I'm in the right forum. I have a friend that owns his own company and travels alot. He needs a place where he can store his work files (mostly document like word, excel, pdf, drawings, etc...) which contains very sensitive information. He need a place where he or the people in his team can transfer files and that he can setup access levels for his users. He need access to his files with a secure tool such as sftp or something else that you guys can recommend.
Also, since some files can be very large he requires a good transfer speed from everywhere in the world. He's looking at around 100GB of storage space and a very high transfer allowance. He will probably need to host his website also. Do you guys think it's better to host the files and website separately?
what are the most important issues for secure php.ini file like when you turn your SAFE_MODE ON or OFF?
or please who every read this topic to post his important disable_functions in php.ini ... and if some functions disable to post it ...
let's make this subject for the most important issues for secure your php.ini
from script-kids as we can ...
here i have some important question's for anyone has or controlling a server ; vps ....
#0x01 ; what the most important disable_functions for the php.ini?
#0x02 ; is the safe_mode should be enabled? or disable? and this depend on what exacly?
#0x03 ; what the functions or any trick to control the nobody ( attacker on the server or shell ) FROOZ .... didn't move ? or make any command in the server ...
#0x04 ; i saw in some secure server ( as they say ) they changed the Server : discribe to them name[s] like
Server : SECURE BY US .COM OR SECURE SERVER ..
uname -a : Linux secure.secure.com 2.6.9-023stab040.1 #1 Mon Jan 15 23:24:32 MSK 2007 i686 athlon i386 GNU/Linux
sysctl : linux 2.6.9-023stab040.1
Server : SECURE BY US ! < [THIS WHAT I MEAN HOW COULD WE CHANGE IT IN PHP.ini ?]
id : uid=99(nobody) gid=99(nobody) groups=99(nobody) <[how can we cannot make this nobody to have the host id ! everyhost in the server should have his own name and php.ini ?]
pwd : /home/host/public_html/
#0x05 ; how can we hide the uname -a on the shell [ the attacker upload it to our customer site !]
#0x06 ; how can we hide the sysctl to view to anyone like [ attacker ] ...
#0x07 ; how can we rewrite on he Server Type the display for our secure message?Server : SECURE BY US !
#0x08 ; how can we give evey site and customer his php.ini file in his public_html? and how can we give him [ JUST HIS PERMISSION TO HIS SITES FOLDER AND NOT OTHER PATHS AND PERMISSION!]
these question every one had a server ; vps , need to know and secure his box from other ...
and anyone would like to publish any new [secure or not] idea please let us know what you would like to say ....
i'm trying to edit my my.cnf file,but unfortunately don't find this file in
/etc/ folder.
It was moved from here, as i find my.cnf.moved with such content
[mysqld]
local-infile=0
and there is backup file for my.cnf.backup in this folder, but when i rename it
to my.cnf some of my scripts don't work well.
So it mean, that real configuration of my.cnf is fine, just need to increase
one value.
Server:
Centos 4.5/cPanel v11/php5 - SSH
Maybe someone can set me straight on this. I have always been under the impression, that under normal circumstances, permissions should usually be as follows:
userdir - 711
public_html - 750
folders - 755
files - 644
I am doing some work on a server and when I create a new folder (using WinSCP) it defaults the folder permissions to 775 and file permissions to 664. Besides causing possible problems with the applications I'm installing, isn't this a bit of a security risk?
Also, if I upload a tar and untar on the server it sets the same 775/664 permissions.
a way to set up a redirect in cPanel so that every file within a particular folder is redirected to a specific file.
For example: I want to redirect every file in domain.com/test to domain.com/redirectedFile.htm
Is this possible in cPanel?
If not, is there another way to do this?
I have a file on my server called admin.php and a folder called "admin" I only want 2 IP addresses to be allowed access to those files.
can this be done in .htaccess? if so can someone give me an example?
I have spent ages trying to work it out myself but I'm a bit of a noob
thanks in advance
what should .htaccess files be chmod'ed to ideally?
to install LightHTTPD but I want to know how can I protect folders like using on apache i can put a .htaccess and it prompts me to enter pass etc...
How do I do that in lightHTTPd?
How do I disallow certian file extensions from public eyes like on my current server I disabled viewing of .datab files and when someone types in the location of mydb.datab they get a forbidden message.
how do i do that in lighthttpd?
Recently I moved my WordPress website to another server, After moving my site I see that my all files permission set to 664, for that I getting many error, now I want change all files permission 644, but problem is I have many subdomain with this site, is there any way to make change all files permission to 644 with SSH or any other way?
View 1 Replies View RelatedI have a problem where every folder I ftp onto the server gets given a 700 permission and every file gets a Zero permission. Most of the sites I am adding to this server will be WordPress sites and most of the folders I want to have a permission of 755 and for the files a permission of 644 so my question is how do I change the settings so that any new files ftp'd onto the server get the permission 755 and files get the permission of 644 ?
View 2 Replies View RelatedI got this Problem after install a New Plesk Server.
Current: CentOS 6.5, Plesk 11.5.30, PHP 5.3.3 (Default install), PHP as FastCGI (I Tried also with Plesk 12.x).
What I did: in IP Tables i set al Ports for Plesk; I set in /etc/proftpd.conf the Ports "PassivePorts 65000 65200"
Problem: Each file ore folder created by an php Application i cant see ore override by ftp.
Example: I Upload a new installation of Joomla 2.5 (CMS) by ftp with a User created by plesk. Then I start the Installation by using the Webbrowser. In this process Joomla change some files and create also an configuration.php. All done by php Scripts. Now I check the configuration.php on the FTP -> Cant see it. -> I check by SSH and the file exists. If I Check the Permissions it seams, that all file have same permissions, owner and group.
-> Configuration.php can not see by ftp ore be overwritten
-> htaccess.txt I see by ftp and i can manage
->> Permissions seams to be the same "?"!"
Ok, new to Plesk, trying to move from ispconfig. So I have Plesk 12 running on Centos 6 64bit in a VPS. I figured out how to upgrade PHP and now I have installed my first website. The website is joomla based but I am getting the below error when installing components:
Warning
Copy failed.
JInstaller: :Install: Failed to copy file /var/www/vhosts/virtual-sim-racing.com/httpdocs/home/tmp/install_55081e65af5fe/pkg_kunena.xml to /var/www/vhosts/virtual-sim-racing.com/httpdocs/home/administrator/manifests/packages/pkg_kunena.xml
Package Install: Could not copy setup file.
This suggest to me a permissions issue - but what to do with it. I have checked all of the relevant Joomla folder permissions and they are all showing as writeable, so it looks like something outside of that?
I don't want to have to stick with ispconfig much longer ...
I have WHM/cPanel server.
I am installed ConfigServer (Firewall)
On configserver it says " /var/tmp should either be symlinked to /tmp or mounted as a filesystem" how can i do this?
I found VPS at Virtuozzo logs that system turns locked and mounted and I believe the system becomes unresponsive at same time.
Here is the sequence of the status that can be found at VPS/status changes
RUNNING--->MOUNTED--->(LOCKED)-->(LOCKED, MOUNTED)-->
(LOCKED, RUNNING)-->(LOCKED)-RUNNING
Code:
VPS STATUS LOGS:
Aug 17, 2007 01:06:16 PM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 17, 2007 01:06:10 PM VPS is locked at the moment. It may take some time.(locked,mounted) VPS is locked at the moment. It may take some time.(locked,running)
Aug 17, 2007 01:06:04 PM VPS is mounted now. It is not running and some operations are not available.mounted VPS is locked at the moment. It may take some time.(locked)
Aug 17, 2007 01:05:49 PM VPS is up and running now.running VPS is mounted now. It is not running and some operations are not available.mounted
Aug 17, 2007 12:46:10 PM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 17, 2007 12:46:04 PM VPS is mounted now. It is not running and some operations are not available.mounted VPS is locked at the moment. It may take some time.(locked)
Aug 17, 2007 12:45:16 PM VPS is up and running now.running VPS is mounted now. It is not running and some operations are not available.mounted
Aug 17, 2007 09:37:13 AM VPS is starting up at the moment. It may take some time.(starting) VPS is up and running now.running
Aug 17, 2007 09:37:10 AM VPS is stopping now. It may take some time.(stopping) VPS is starting up at the moment. It may take some time.(starting)
Aug 17, 2007 09:36:52 AM VPS is up and running now.running VPS is stopping now. It may take some time.(stopping)
Aug 17, 2007 08:51:46 AM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 17, 2007 08:51:25 AM VPS is up and running now.running VPS is locked at the moment. It may take some time.(locked)
Aug 16, 2007 03:00:18 PM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 16, 2007 03:00:03 PM VPS is mounted now. It is not running and some operations are not available.mounted VPS is locked at the moment. It may take some time.(locked)
Aug 16, 2007 02:59:39 PM VPS is up and running now.running VPS is mounted now. It is not running and some operations are not available.mounted
Also I'm receiving emails with ftpd, exim, cpsrvd failed
when that happens:
Code:
ftpd failed @ Fri Aug 17 09:37:26 2007. A restart was attempted
automagically.
I mounted sda2 as var and its size is 2GB. I wanna to increase its size to 4GB,which command should i run without umount and mount it again?
View 2 Replies View RelatedI've got a problem with one of my servers, and i dont now how to do it. I need to find a technical service that I could hire for a job.
It's a small job. I've got one server that was compromised by D.O.S. atack and taken down by hosting company they did a clean instal fedora and cpanel and said that the data would be mounted on a old drive I need to restore the webs about 30 small sites
Would anyone suggest a person that could do that?
I have seen quite a few users stack all their desktops together in the datacentre racks instead of using rack mounted servers.
Actually between rack mounted servers and desktop servers (with the same motherboard and parts) which will be better in the racks and why?
I have a problem with my new server's setup. It's using a big RAID storage mounted to the main system. When it comes to shell everything is fine, I have access to the disk and files. Problems rise when I try to access the storage content from my php scripts (running on apache) - "Permission Denied" ...
Anyone knows where might be the problem?
I suppose it's because of using RAID but I'm sure it's doable.. somehow..
When I tried to use CLI mode it looks fine - PHP script can access RAID'ed folders when running like :
php /var/www/html/filetest.php
My hosting company is offering to sell me backup space which will be mounted as a network location. e.g. /usr/local/backup
My question is how would I use this since Plesk seems to be configured either to use an FTP location or to use the server repository. Would I have to change the location of the server repository to this network location? This doesn't seem ideal.
Plesk 11.5 on CentOs 6.4
i have a 32 GB hdd the results of df command are:
df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 32G 29G 715M 98% /
/dev/sda1 99M 14M 81M 15% /boot
tmpfs 1.5G 0 1.5G 0% /dev/shm
so there are 29GB used
but the du command shows only 19GB used:
du -hs /
19G /
where are the remaining 10GB from 19GB to 29GB?
So I have a script running on my apache that catalogs pictures and clips. All the actual video files are located on a separate drive which is mounted in to a folder in my site. I've set apache as the owner and have the correct permissions on the mounted folder but I'm getting Forbidden errors accessing files even when on html file in the mounted folder.
I know it's a permissions issue at the disk or mounting level. The way I mount is by using this command:
mount -t ext4 /dev/sdc /var/www/html/media