Hi,
Have a look to Suexec and Suphp.
++
Le 10/12/2010 10:21, Patric Falinder a écrit :
Hi,
Recently one of my site got hacked and they uploaded lots of crap to
it that let them browse through the entire server with a php-script
that let them do all sorts of things.
I'm not an expert on Apache so thats why I'm asking you for help.
I want to know if/how I can let a certain vhost only to browse the
content of their folder.
So for example I have this vhost:
<VirtualHost *:80>
DocumentRoot /var/www/test
ServerName www.test.com
ServerAlias test.com
TransferLog /var/log/apache2/test.log
</VirtualHost>
Right now they can make a file-browser in PHP and go to
/var/www/othersite, browse /etc and by the looks of it the entire
server..
How do I "block" them from browsing the parent directories of there
DocumentRoot?
Thanks,
-Patric
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
--
Cordialement, Nicolas Froidure, gérant, Elitwork SARL.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
