These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for webshell problem on the new forum.
Web Hosting and Cloud Computing Control Panels
Howdy,
What problem is it that you've having exactly?
-Eric
thanks yr reply. assume my hosting client wanna hack our server. then he upload that php shell.
he could use terminal etc to hack my server. i think is it basedir problem and permission.
Howdy,
Ah, being able to browse the filesystem doesn't mean that the user can hack anything. Any web-based file manager would allow that.
There is some information on all that here in the sections "How can I prevent FTP Users from Browsing the Entire Filesystem" and "How can I prevent other types of users from browsing the entire filesystem":
https://www.virtualmin.com/documentation/security/faq
That won't stop users using sftp but permissions should, I hope stop them going where they are not allowed and having access to sensistive info.
Chaos Reigns Within, Reflect, Repent and Reboot, Order Shall Return.
Hi,
As a rule of thumb, if you give a parent folder 0700 permission you'll prevent "non-owners" from reading, writing, or executing in that directory. This is how most filesystems are designed.
Best Regards,
Peter Knowles
TPN Solutions
Email: pknowles@tpnsolutions.com
Phone: 604-782-9342
Skype: tpnsupport
Website: http://www.tpnsolutions.com
Ask me about my new support plans which include a FREE copy of Virtualmin Pro!!!
Best Regards,Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist