PDA

View Full Version : Security problem, please help !!



mmgenius
05-23-2004, 03:16 PM
I have recently find out that my etc/passwd file can be viewed trough the php-page of a user of my server, like this: www.domain.com/page=../../../etc/passwd

Can anyone help my how i can stop this? What must I change in my server settings?

greetz
Maarten

l0rdphi1
05-23-2004, 05:48 PM
What the- please, please do not most the same message in multiple forums.

As for your problem, enabling safe-mode should do it.

Thank you.

toml
05-23-2004, 05:50 PM
First, a single post in one of the categories is plenty. Posting in three different ones is usually frowned upon.

What you need to implement is the php_admin_value in that virtual domain's httpd.conf file. It should already be there and commented out. You can have it implemented on all new domains, by uncommenting it out in the virtual_host.conf and virtual_host_sub.conf file in your template directory.

ProWebUK
05-23-2004, 06:00 PM
Merged and the 3 other duplicates removed.

Chris