10-21-2008
Apache 0777 directories
Hi All
I have a web server,I have many world writeable directories (0777),Created by programmers,for uploading pictures.
Now i want to stop script excuation (php,cgi,etc) in the directories 0777,I know one way is to use htaccess file,i dont wana used that,if some one know any other method using apache config file or any other methos it will be great.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi everyone, I'm a newbie at this. We have a unix web server which has redhat 7.2 on it. It has apache server hosting our website at the moment. This is what I'm trying to do.
Goal: I'm trying to put reports online so when clients come they can read it and what not. I want only clients viewing... (2 Replies)
Discussion started by: crazycelicagts
2 Replies
2. Shell Programming and Scripting
Hi ,
I 'm trying to check if multiple directories exist on a server, if not create the missing ones and print " creating missing directory.
how to write this in a simple script, I have made my code complex
if ; then
taskStatus="Schema extract directory exists, checking if SQL,Count and... (7 Replies)
Discussion started by: ramky79
7 Replies
3. Shell Programming and Scripting
Hello all,
Here's the deal...I have one directory with many subdirs and files.
What I want to find out is who is keeping old files and directories...say files and dirs that they didn't use since a number of n days, only one level under the initial dir. Output to a file.
A script for... (5 Replies)
Discussion started by: ejianu
5 Replies
4. Shell Programming and Scripting
Hi ,
I am very new to unix as well as shell scripting. I have to write a script for the following requirement.
In a particular mount, have to list all the directories and sub directories along with size of the directory and sub directory in ascending order.
Please help me in this regard and many... (4 Replies)
Discussion started by: nmakkena
4 Replies
5. UNIX for Dummies Questions & Answers
Hi all,
Using grep command, i want to find the pattern of text in all directories and sub-directories.
e.g: if i want to search for a pattern named "parmeter", i used the command
grep -i "param" ../*
is this correct? (1 Reply)
Discussion started by: vinothrajan55
1 Replies
6. Shell Programming and Scripting
Can anyone come up with a unix command that lists
all the files, directories and sub-directories in the current directory
except a folder called log.?
Thank you in advance. (7 Replies)
Discussion started by: Manjunath B
7 Replies
7. Red Hat
whats the use of this create mask = 0777
wht means mask ? (3 Replies)
Discussion started by: babinlonston
3 Replies
8. UNIX for Dummies Questions & Answers
It is for HP-Unix B.11.31.
Requirement:
1. List the directories, having given pattern in the directories name, sorted by creation date.
Example: Directories with name "pkg32*" or "pkg33*"
2. On the output of 1. list the directories by creation date as sort order, with creation date... (2 Replies)
Discussion started by: Siva SQL
2 Replies
9. Solaris
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. This is for Solaris. Please help. (1 Reply)
Discussion started by: blinkingdan
1 Replies
LEARN ABOUT DEBIAN
upsset.conf
UPSSET.CONF(5) NUT Manual UPSSET.CONF(5)
NAME
upsset.conf - Configuration for Network UPS Tools upsset.cgi
DESCRIPTION
This file only does one job--it lets you convince upsset.cgi(8) that your system's CGI directory is secure. The program will not run until
this file has been properly defined.
SECURITY REQUIREMENTS
upsset.cgi(8) allows you to try login name and password combinations. There is no rate limiting, as the program shuts down between every
request. Such is the nature of CGI programs.
Normally, attackers would not be able to access your upsd(8) server directly as it would be protected by the LISTEN directives in your
upsd.conf(5) file, tcp-wrappers (if available when NUT was built), and hopefully local firewall settings in your OS.
upsset runs on your web server, so upsd will see it as a connection from a host on an internal network. It doesn't know that the connection
is actually coming from someone on the outside. This is why you must secure it.
On Apache, you can use the .htaccess file or put the directives in your httpd.conf. It looks something like this, assuming the .htaccess
method:
<Files upsset.cgi>
deny from all
allow from your.network.addresses
</Files>
You will probably have to set "AllowOverride Limit" for this directory in your server-level configuration file as well.
If this doesn't make sense, then stop reading and leave this program alone. It's not something you absolutely need to have anyway.
Assuming you have all this done, and it actually works (test it!), then you may add the following directive to this file:
I_HAVE_SECURED_MY_CGI_DIRECTORY
If you lie to the program and someone beats on your upsd through your web server, don't blame me.
SEE ALSO
upsset.cgi(8)
Internet resources:
The NUT (Network UPS Tools) home page: http://www.networkupstools.org/
Network UPS Tools 05/22/2012 UPSSET.CONF(5)