i have a dedicated server wich has safe_mode ON.
i run a joomla portal and i am having issues regarding uploading new modules and stuff like that.. i know that the solution is disabling the safe_mode
i have tried using a customized php.ini but it didnt work... what else can i try?
how i can disable safe mode for 1 account .... i have the fallowing info system :
php 5.2.5
apche 2.2
suphp
i have search in the httpd.conf and i found this
Code:
ServerName xxxx.com
ServerAlias www.xxxx.com xxxxx.com
DocumentRoot /home/xxxxx/public_html
ServerAdmin webmaster@***********
UseCanonicalName Off
TransferLog /usr/local/apache/domlogs/xxxx.com
CustomLog /usr/local/apache/domlogs/xxxx.com-bytes_log "%{%s}t %I .
%{%s$
## User sansnom # Needed for Cpanel::ApacheConf
UserDir disabled
UserDir enabled xxxxxxx
<IfModule mod_suphp.c>
suPHP_UserGroup xxxxx xxxxx
</IfModule>
<IfModule concurrent_php.c>
php4_admin_value open_basedir "/home/xxxx:/usr/lib/php:/usr/php4/lib$
php5_admin_value open_basedir "/home/xxxx:/usr/lib/php:/usr/local/li$
</IfModule>
<IfModule !concurrent_php.c>
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/xxxxx:/usr/lib/php:/usr/php4/$
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/xxxxx:/usr/lib/php:/usr/local$
</IfModule>
<IfModule sapi_apache2.c>
php_admin_value open_basedir "/home/xxxxx:/usr/lib/php:/usr/php4/$
</IfModule>
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxxxxx xxxxxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxxxxx/public_html/cgi-bin/
in wich part chould i add the commande line to disable the safe mode?
How can custom safe_mode / register_globals for an account?
Hi,
I have with CentOS 5.2 + cPanel/WHM. For security i edited suphp.conf and force all users use my main php.ini config:
[phprc_paths]
application/x-httpd-php=/usr/local/lib/
;application/x-httpd-php4=/usr/local/php4/lib/
application/x-httpd-php5=/usr/local/lib/
Now i wanna turn on register_globals and turn off safe mode for an account, how can i do that?
Does anyone know if PHP safe_mode can be enabled on a per user basis?
View 9 Replies View Relatedwhen I make open_basedir effect in whm > security center
I have in my script this problem :
Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File() is not within the allowed path(s): (/home/xxxx/:/usr/lib/php:/usr/local/lib/php:/tmp) in /admincp/misc.php on line 685Warning: fwrite(): supplied argument is not a valid stream resource in /admincp/misc.php on line 688Warning: fclose(): supplied argument is not a valid stream resource in /admincp/misc.php on line 689
when I disable it I have this other one problem :
Warning: fopen() [function.fopen]: SAFE MODE Restriction in effect. The script whose uid is 32010 is not allowed to access /tmp/vbthumbLTfVOk owned by uid ..
i get an error message for a site im trying to build.
id like to know if there are scripts i can upload myself to turn off safe mode and to sto the base dir thing.
i understand this can be done in php.ini and htaccess.
Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/g/public_html/term-sample.php on line 58
Recently, some of our Linux/cPanel servers got hacked (not rooted) by using the following code (method)
#!/usr/bin/perl
symlink ("/home/USER/config.php","/home/USER2/test.txt");
The hacker just execute the perl file , and then he called the "test.txt" file through internet explorer , and its done , he can read the file easily !
We tried to :
1- run php as CGI module.
2- run SUPHP module.
3- run php as apache module.
4- enable open_basedir and safe_mode.
But the hacker still can bypass the system!
the only solution is to disable /usr/bin/perl , chmoded it to 700 . but thats caused a broken cpanel!
as it requires it to be at 755 for proper operation, since it is used by customers as well when it suexec into the user when they log into cPanel. and so we cannot change it to that setting (700), since it breaks the entire system.
So is there any way to stop the "symlink" perl function?
any way to stop this attack method?
I want to disable the use of other dns being used instead of my name servers is this possible if so how can i do this.
View 4 Replies View RelatedHow do i take one IP on the server down ?
I need to disable eth1:4 as it get ddos attack.
ifdown eth0:4 is not working
Quote:
[root@server22 ~]# ifdown eth0:4
usage: ifdown <device name>
[root@server22 ~]#
I think the command used to work before.
Anyone know how to take down only that IP with out editing ifcfg-eth0-range0 ?
Disabling POP and IMAP on cPanel
We're using Google Apps to handle all e-mail for the domain, so we have no need for POP and IMAP services running on our server (and I'm always getting e-mails from LFD that show bots are trying to connect with random passwords and such) so I want to disable them, but keep SMTP active since some scripts running on our server use it and I don't feel like rewriting them right now.
I unchecked IMAP and POP in the WHM service manager to disable them, but it's still enabled and I'm able to connect and everything. How can I completely disable these 2 services?
I have a website which has a FLV player serving .flv files which are hosted in the server. I notice that some users are directly downloading the files using the direct URL and they seem to be using download managers for that which is opening several Apache connections and open slows down Apache. I want to prevent this. I thought of preventing it using a .htaccess file but did not help. This is what I used:
<Files *>
order allow,deny
allow from 127.0.0.1
allow from localhost
deny from all
</Files>
I thought this would work but it doesn't as it is blocking the FLV player from playing the file. Can anyone tell me the right way to do it?
We all know that some php funcions are dangerous, such as:
system, system_exec, passthru, shell, shell_exec, exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg
Those functions can be disabled at php.ini using disable_functions option.
Now.. what about disable_classes option? I haven't seen anyone talking about this on the common security tutorials. What are your suggestions for this? What classes should be disabled?
Is there someway to disable shell files from working? Because even if you disable shell, shell files still seem to work...
View 2 Replies View RelatedI am not expert in linux box.... Actually I have found a problem in my machine, our clients are not able to access their sites from server, when I checked the system log it was related to Permission Denied. Someone told me to disable SELinux enforcing, Now after that my problem resolved.
But I am curious that what exactly Selinux is and what kind of issue it may create for my box if I disable it?
I have RH ES4 running as a vhost on Plesk.
Does anyone know how I can turn off IonCube? I don't see the .so for IonCube in php.ini
I just got a new vps running virtuozzo with cpanel/whm. I have no plans on ever using email on this server. What's the best way to turn all of it off from whm/cpanel and is it worth doing to speed up the server?
View 4 Replies View RelatedI am trying to troubleshoot messages piling up in my /var/log/messages on CentOS 5 that look like this:
Apr 18 10:04:01 sc16 kernel: printk: 3 messages suppressed.
Apr 18 10:04:06 sc16 kernel: printk: 2 messages suppressed.
Apr 18 10:04:14 sc16 kernel: printk: 3 messages suppressed.
Apr 18 10:04:17 sc16 kernel: printk: 1 messages suppressed.
Apr 18 10:04:25 sc16 kernel: printk: 3 messages suppressed.
Apr 18 10:04:31 sc16 kernel: printk: 1 messages suppressed.
Apr 18 10:04:39 sc16 kernel: printk: 2 messages suppressed.
The messages are supressed so I can't see what they are or what is causing them.
How can I disable printk supression?
I have already tried:
echo 0 > /proc/sys/kernel/printk_ratelimit_burst
echo 0 > /proc/sys/kernel/printk_ratelimit
They don't seem to disable it... Any ideas?
I like to disable the CGI Module in httpd.conf. Can you please help me to disable the CGI Module.
View 5 Replies View Relatedi have a problem with a hacker that uses .htaccess to disable mod_security
using this code
PHP Code:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
so is there a way to stop this?
also they have come up with a smart way to run shell files named as images using this code in .htaccess
PHP Code:
AddType application/x-httpd-php .gif
is there a way to disable the "AddType application"?
login as: hen
hen@xx.xx.xx.xx's password:
Last login:
hen@root [~]# su -
Password:
su: incorrect password
I verified that root password is correct, but no matter how many times I tried, I can't su in
Where's my su permission
-rwxr-xr-x 1 root wheel 24060 Mar 22 2007 /bin/su*
here's inside /etc/group
wheel:x:10:root,hen
someone develop a game which is server-centric. Everything is done server-side. In any case, he can compile it without a problem in Ubuntu, but on my CentOS 4.4 servers, he's having trouble.
The one last bug that he's hit, is that he needs to disable the stack protector on CentOS 4.4 in order to compile the game without any more problems.
in order to secure my server against instrusion, i disabled ssh root login and created a user for myself. however in order to access the user i need to enable SSH Password authentication
I dont enable password authentication all the time and i keep it disabled unless i need to do something via ssh.
Now my question will be, is there a way to keep the user i created and keep the root login disabled and password authentication disabled but use ssh keys for the user i created?
I was informed that if i opt to login to ssh via the user i created, the only way to do that is to enable password authentication as it cannot work with ssh keys. is this true?
I really hope someone can help me how to use the user i created together with ssh keys so i dont have to enable password authentication when loggin to ssh
A customer asked me if it could be possible to disallow certain email accounts to send emails out of the accounts domain. Is there a way to do so with the Exim installation in Cpanel?
View 0 Replies View RelatedEverytime a new account is created in WHM/cPanel, the "Allow Annonymous Access for FTP" option is enabled by default. Since this is something I want turned off for all new accounts... does anyone know a way of switching this off globally in cPanel/WHM so that every new account will have this turned off by default?
View 3 Replies View RelatedAt times as I'm developing, due to some coding error in PHP on my part, particularly calling a COM object, the apache server crashes. I'm delighted that it recovers, but in so doing it always tries to rerun the query that crashed it, which just causes another crash, and so on. Is there some way of getting round this, so that it recovers but the problematic code is not rerun?
XP SP3 (still!)
Apache/2.4.3 (Win32) mod_fcgid/2.3.7 PHP/5.4.9
Firefox (Aurora)
Can we disable sender verificaiton for a specific domain in exim? If so, can you tell me the steps?
View 2 Replies View RelatedWe are trying to disable server info into response header.
Header unset Server
Header set Server "unknown"
It is not working.We have installed "Apache 2.4.6-x86 server" on Win 2008 R2 Standard server (64-Bit).
