file security in cPanel

  • darkermoon
  • Expert
  • Expert
  • User avatar
  • Posts: 542
  • Loc: Riverdale, MD

Post 3+ Months Ago

being somewhat similar to thread "My site got hacked" I had a question about some things. I'm hosting a few websites with a host that uses cPanel. Some of the things on the site (ie config files for forums) have to be able to be edited by a web interface on the site and, when installed, are set to 777. If i'm not incorrect this means that any user on the server who knows what directory your site resides in could concoct a PHP type script to write to any 777 file, correct? If I'm right about these things, what would allow the files to still be edited from the internet on your site, but not from another.
  • darkermoon
  • Expert
  • Expert
  • User avatar
  • Posts: 542
  • Loc: Riverdale, MD

Post 3+ Months Ago

any thoughts?
  • Snerdey
  • Beginner
  • Beginner
  • User avatar
  • Posts: 41
  • Loc: Brooklyn, NY

Post 3+ Months Ago

I think the sever is still going to check for your user name and pw and then effort is useless. I have used cPanel for a while and I have had no issues with this.

I will look into this for you and let you know.
  • Snerdey
  • Beginner
  • Beginner
  • User avatar
  • Posts: 41
  • Loc: Brooklyn, NY

Post 3+ Months Ago

Well, I was not able to find anything else on this. But, I think you might want to investigate it more.

Good luck and would you mind posting what you find here?

Thanks!
  • darkermoon
  • Expert
  • Expert
  • User avatar
  • Posts: 542
  • Loc: Riverdale, MD

Post 3+ Months Ago

well, I just thought of a good way to test it.. my friend has a reseller account.. I'll make two accounts and have them try to write to each other.

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 14 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.