Security problem, please help !!

mmgenius

Verified User
Joined
Jan 20, 2004
Messages
180
Security problems

I have recently find out that my etc/passwd file can be viewed trough the php-page of a user of my server, like this: www.domain.com/page=../../../etc/passwd

Can anyone help my how i can stop this? What must I change in my server settings?

greetz
Maarten
 
What the- please, please do not most the same message in multiple forums.

As for your problem, enabling safe-mode should do it.

Thank you.
 
First, a single post in one of the categories is plenty. Posting in three different ones is usually frowned upon.

What you need to implement is the php_admin_value in that virtual domain's httpd.conf file. It should already be there and commented out. You can have it implemented on all new domains, by uncommenting it out in the virtual_host.conf and virtual_host_sub.conf file in your template directory.
 
Back
Top