Help - Search - Members - Calendar
Full Version: Applying Subdomain Restrictions?
Hostony Board > General Support > General Support
pftq
I have several subdomains that I share with friends etc. How can I prevent them from putting files that affect files outside the subdomain (ie PHP write to files outside the domain or include)?

Is this do-able via htaccess or something?
MarkM
QUOTE(pftq @ Nov 8 2006, 10:46 PM) *
I have several subdomains that I share with friends etc. How can I prevent them from putting files that affect files outside the subdomain (ie PHP write to files outside the domain or include)?


Do you have WHM or are you on a shared account?



QUOTE(pftq @ Nov 8 2006, 10:46 PM) *
Is this do-able via htaccess or something?


Definitely not configurable through htaccess.
pftq
I'm on a shared server.
MarkM
Hmmm. I've looked in my WHM (on a dedicated) and suggest that you ask the HOSTONY Support Staff to make sure that this is turned on:
QUOTE(WebHostManager @ Nov 9 2006, 07:18 PM)
php open_basedir Protection
Php's open_basedir protection prevents users from opening files outside of their home directory with php.
Enable php open_basedir Protection.


It is accessed like this: WHM > Security: Tweak Security > php open_basedir Protection

Good luck!
pftq
They say it's turned on, but files in subdomain are still able to affect files outside the subdomain. mad.gif
MarkM
QUOTE(pftq @ Nov 10 2006, 04:23 PM) *
They say it's turned on, but files in subdomain are still able to affect files outside the subdomain. mad.gif


Bug them to make sure it is, infact turned on!
pftq
Are you sure it affects subdomains and not just full domains? huh.gif
MarkM
Yes I'm sure. ohmy.gif

It must not be turned on. Maybe the tech just assumed it is.
pftq
Hmm they say to try permissions.

Well the files won't even allow to be written to by anybody if not at 644 or 755. dry.gif I still want to be able to write to them - just not ppl in the subdomain able to write to them.

I have them at 644 and 755 and still they are writable by subdomains. sad.gif

Any ideas?
MarkM
Let me just put it this way. I have that setting turned on in my WHM and I've tested it.

It must not really be turned on. They might have to make sure that your domain is selected in that menu?

Other than that, I'm out of ideas. sad.gif
MartinB
I've enabled this tweak in the past and it give me various problems with php scripts and so sad.gif


QUOTE(pftq @ Nov 9 2006, 03:46 AM) *
I have several subdomains that I share with friends etc. How can I prevent them from putting files that affect files outside the subdomain (ie PHP write to files outside the domain or include)?

Is this do-able via htaccess or something?


If I give access to a subdomain of my account to a friend, and he upload some php script to touch my files, I will kick him in the ass for a minimum of 2 miles. It will solve the problem.
MarkM
QUOTE(mblendinger @ Nov 14 2006, 07:34 AM) *
I've enabled this tweak in the past and it give me various problems with php scripts and so sad.gif
If I give access to a subdomain of my account to a friend, and he upload some php script to touch my files, I will kick him in the ass for a minimum of 2 miles. It will solve the problem.


Hahaha biggrin.gif

I was just reading about how easy it is to hack a server through php. Not a good thing.
Just give this guy his own domain or something.
MartinB
Mark, a good step to improve the security is enabling php_suexec, like hostony do. You will found this on your apache config tool on your root whm panel.

greetings!
MarkM
Of course I already have it enabled! tongue.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2024 Invision Power Services, Inc.
IPS Driver Error

IPS Driver Error

There appears to be an error with the database.
You can try to refresh the page by clicking here