Php.ini In Public_html, Safe
May 12, 2007I'm a customer and don't know much about server management, so like title says, is it okay to put php.ini in public_html?
View 14 RepliesI'm a customer and don't know much about server management, so like title says, is it okay to put php.ini in public_html?
View 14 Replieswhat is the difference between www and public_html? I have hosed my domain in a small hosting company and when i was going through all its folders i found both the folder www and public_html has the same content. but by hosting company asks me to upload all my files into public_html. Iam curious to know the difference between these two folders.
View 19 Replies View RelatedI'm currently using this in my .htaccess:
Code:
RewriteEngine On
rewritecond %[url]
rewriteRule ^(.*) [url]
I have this in my root (public_html) folder. However when you go to [url]
it redirects you to [url]
I'm already in the root. Why would it try to go to public_html/public_html?
What's the correct implementation of this .htaccess?
what should be ideal chmod permission for public_html and other folders.
is 755 fine ? what is most secure one
My server has one IP address assigned to it and i use Webmin with Virtualmin to manage domains.
When you put my IP into a browser like [url]however, it points to my websites public_html folder at /home/username/public_html, which was the first domain i set up.
I would like to change it so that the IP points to its own folder: /var/www/html when entered into a browser.. how do i do this?
I have recently registered a new dedicated server, I am trying to move some sites over. Essentially, what I am trying to do is copy the public_html folder from one server to another.
I have root access on both accounts, I have managed to move the whole home folder from the old to the new, but I guess I would need to download all 2gigs worth of data then upload again, or is it possible to extract only the information you need from the compressed backup.
I am thinking that specifying data from an uncompressed folder wouldn't be possilbe, so, is there a way of moving certain folders from one server to another via SSH?
I wanted a move 1 accounts from cPanel to DirectAdmin server platform. I know it has to be done manually. But this one account has 800MB.
So the question is:
Is it possible to tar public_html while keeping every permission & folder ownership at it's correct setting?
(Sql is not a problem for me)
My website has 200,000 webpages.
I would like to upload all of them to the hosting under public_html
I do not use sub directory.
Can I make sever down or slow?
OK so I'm on the shell and looking at the contents of my home/ directory which has all the various accounts. In each account directory are subdirs such as mail, logs, tmp, etc, and public_html. Is there a way (or a ZIP command) to be in the home directory and create a massive ZIP file containing all the account directories, each containing ONLY the respective public_html subdir for that account?
Using the command "zip -r Backups.zip ./" seems to include all those extra folders (such as mail, etc.) that aren't needed.
I have a VPS with WHM/cPanel on linux.
Currently my sub-domain points to a sub-folder in public_html
I want to make 18 sub-domains but I want them to point to public_html instead.
In other words sub.domain.com will point to /home/user/public_html/ instead of /home/user/public_html/sub/
When I'm adding a new account, I got some error:
[url]
How can I fix that?
I am getting this error and I just installed apache 2.2 and added a user using useradd user. When i added into the virtual which is:
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /home/user/public_html
ServerName user.com
</VirtualHost>
It does not find the public_html folder I added. Is this a permissions problem? or something else?
created one problem for us cpanel
in create new account:
[an error occurred while processing this directive]
Setting up FrontpageŽ...
/home/create1/public_html does not exist or is not a directory!
I have fresh cpanel, but when i create account it doesn't put public_html and public_ftp folder in the account...
View 10 Replies View RelatedWhat is the best option in the php setting does keeping the php function safe mode on or off?
View 12 Replies View Relatedi need to enable php safe mode on for my joomla and i came across this
Quote:
When the php safe mode is turned off globally by default at our server end, you can still override the setting to turn it ON for only your domain by just insert the following line inside the ".htaccess" file (at Linux server):
Code:
php_value safe_mode "1"
my joomla .htaccess file:
Quote:
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
My /tmp on my cPanel hosting server is nearly full, and I was wondering if it is safe to remove all the contents in /tmp, if not, what can I delete to clear up the space?
View 6 Replies View RelatedMost of my files are 755 as permission. Is this safe?
How about putting all files under 644 permission? What is the best permission so that all files are safe from intrusion?
I have a script that needs safe mode off to run, the script writers have said safe mode is disabled as default and not required and even disabled in php 6
Now I'm not to fimular with Safe mode, all I know is most scripts are wrote to work with this on
Should i switch safe mode on or off . Right now i am using it as on some one told me if i switch it off then server can easily hack but becoz i switch it on im having too much problem specially users of sites having problem of uploading and wordpress also have issue and some more script what you say what should i do?
View 9 Replies View Relatedhow can i make "safe mode on/off" using .htaccess?( in SharedHosting )
View 1 Replies View RelatedI would like to know as to whether or not you have php safe mode turned on? If you do, please specify why, and would you allow your clients to turn it off?
View 13 Replies View RelatedI searched but couldn't find much - should you run PHP with safe mode on or off on a shared (Linux) server?
View 3 Replies View RelatedI am trying to install gallery 2.3 and it requires exec() to be enabled for some functions. Is it safe to enable it in php.ini?
In php.ini file I see this, disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd
I have CentOS running on my VPS.
As with many sites. my site was hacked recently. my host was so negative about this. they didn't notice the hack attempt although it took the hacker 9 hours to break through.
after that I made some search on my host to find that it is not a real host at all. they are just resellers to another company. I was very disappointed, Then I decided to go to a better host who can protect me from hackers.
I read some threads about 'hacker safe host' but they all in general don't give a real name of trusted 'anti-hackers' companies.
can you guide me to some of the famous hosts?
if you can't my friends got a VPS hosted with WestHost. he offered me to move my site to his VPS. is west host trusted about hackers?
i have a cpanel server.. can any one tell me how to allow safe mode to a specific domain?
View 1 Replies View RelatedI am going to run a free host, yes I know I should post this in FWHT but well, they dont answer very fast if at all.
It is very dangerous to have Safe Mode OFF on a free host, but someone was telling me about open_basedir, which makes it so they cant touch any files set outside of open_basedir. Would this be suffiecient to keep them from touching others files? I know I need to disable other functions like exec() and stuff but would open_basedir keep hackers away from others files and hacking them...
I am running my VPS on direct admin panel, my disk space is going low, so i am deleting few junk / log files
Kindly let me know
1) is it safe to delete data of this directory -
/var/log/httpd/domains
The File names in above directory are such as - " domain.com.bytes "
As it is occupying 600 MB space
2) where can i delete much junk / temp files, to free up space.
To Install www.awbs.com scripts to my server
How Can I Do This Following to one site on My server
safe_mode Off
allow_url_fopen On
session.auto_start Off
tell Me that i can do that from httpd config
I have found on one webhost that they have very cool feature:
Here is what they say:
Quote:
Browsing through any webhost related forum will reveal that giving safe mode off poses extreme security risk to the server. Because it offers hackers a great advantage to access any other members account or read their sensitive files which usually contain passwords.
But then some genuine scripts won't work with safe mode ON. Meaning you could turn it on per member requests but that takes lots of labor.
So we completely reprogrammed the safe mode PHP source code and recompiled it. As a result ours safe mode OFF is light-years safer & hacker-proof then standard PHP v5 safe mode ON.
So all our members are getting safe mode OFF, with harder security then those hosts who offer Safe Mode ON.
So now I am wondering, how they did that? I have searched forums and Google for lots of different keyword but haven't found anything.
I believe a lot of you running Apache as nobody and having php save mode OFF. It there any way you protect yourself? phpsuexec is not a solution now as it increasing load.
I am trying to assist a customer install a Dolphin CMS but it returns some "open_basedir restriction in effect" on /usr/local/bin/php (it needs the path to the PHP binary).
If I put /usr/local/bin/php in httpd.conf -> php_admin_value open_basedir "..." it seems to work and it finds the required binary but...is this safe?