Serious security error

H

hostck

New member
Joined
Jun 10, 2013
Messages
9
Hi all

i am having some problems cause from hosting server secure, before when i running mod_php(cli), all file shell c99.php ...only shows in own user, after i install suphp and up c99.php shell file, this cause shows all system information on server, I do not understand that causes this.

i am so tired to resolve, i enable open_basedir is ON and disable_functions as directadmin guide

please, help me

Thanks alot
 
hostck said:
Hi all

i am having some problems cause from hosting server secure, before when i running mod_php(cli), all file shell c99.php ...only shows in own user, after i install suphp and up c99.php shell file, this cause shows all system information on server, I do not understand that causes this.

i am so tired to resolve, i enable open_basedir is ON and disable_functions as directadmin guide

please, help me

Thanks alot
Click to expand...

Please give the following a try:
Code: 
cd /usr/local/directadmin/custombuild
./build update
./build secure_php
/etc/init.d/httpd restart

Path of suPHP, php-fastcgi, php-fpm php.ini file is different and "./build secure_php" disables dangerous functions in other locations too.
 
If this is not a new DirectAdmin server, secure_access_group may not be enabled. Make sure it is enabled: http://www.directadmin.com/features.php?id=961

Look in /usr/local/directadsmin/conf/directadmin.conf - it should have this line (if it does not, add it):

Code: 
secure_access_group=access

After adding it, run this command:
Code: 
echo "action=rewrite&value=secure_access_group" >> /usr/local/directadmin/data/task.queue

Also please double check that your /home folder is cmod to 0711

Also, maybe suphp is not correctly installed? Make sure that you have this in /usr/local/directadmin/custombuild/options.conf (this is for custombuild 1.x):

Code: 
php5_cli=no
php5_cgi=yes

Then run:
Code: 
cd /usr/local/directadmin/custombuild
./build update
./build apache
./build suphp

I am only guessing here, there could be many things that are wrong with the setup on your server, I would not know about any of your current settings.
 
Last edited:
hostck said:
i very need help to resolve this, it is so serious

thanks
Click to expand...

Please PM smtalk and ask if he kindly will have time to look at your server and fix any settings that are wrong. Hopefully he have time to help.
 
i tried to do all things but still don't change, i also install new directadmin to test in mod_php is OK but when change suphp errors cause, the c99.php shell will shows the system information fully.

please, help me
 
It is not possible to help based on the limited information you provide. Are you running mod_php or suphp? What version of custombuild are you running? If you are running mod_php, then should should install mod_ruid2, if you are running suphp, then you should run php_cgi. You seem to need help from a system administrator. I dot not provide such service, but many others in this forum do. As said, I recommend you first PM smtalk and ask if he want to look at your server.
 
You must log in or register to reply here.
Back
Top