suphp how disable ls /
Posted
by
Pol Hallen
on Server Fault
See other posts from Server Fault
or by Pol Hallen
Published on 2013-06-30T19:26:50Z
Indexed on
2013/06/30
22:22 UTC
Read the original article
Hit count: 332
Using suphp, I set a php.ini to every virtual host. In php.ini I also setted:
open_basedir = /home/site1
php script runs, but if I ve a script with ls / I can see whole root directory.
How can disable this hole security?
<VirtualHost *:80>
ServerName site1
ServerAlias www.site1.com
DirectoryIndex index.html index.htm
DocumentRoot /home/site1/
suPHP_Engine on
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
# THIS READ php.ini
suPHP_ConfigPath /home/site1/
<Directory /home/site1/>
Options -Includes -Indexes -FollowSymLinks -ExecCGI -MultiViews
AllowOverride none
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
© Server Fault or respective owner