Needs help on configurate virtual hosts on linux
Posted: Sun Oct 04, 2009 11:16 pm
hi,all,i am configurating my vhost system,when users register and apply for a virtual host space ,users can get ftp and mysql accounts ,and they also are able to run websites on my server based on LAMP and pure-ftpd ,ubuntu server 8.04.
But some system security appears when i have following steps done.
First,i apply for a vhost spaces named "test" on the server.
Secondly , upload a file hack.php to the space.
Last,edit the hack.php: <?php
umask(0);
mkdir("/var/www/foolish",0777);
?>
when i try to run this script by typing "test.domain.com/hack.php" in my browser,a folder name "foolish" appears in my DocumentRoot.
wat should i do about distributting permissions between my apache2 and pure-ftpd users?Hopes anyone would help mee,thanks!
But some system security appears when i have following steps done.
First,i apply for a vhost spaces named "test" on the server.
Secondly , upload a file hack.php to the space.
Last,edit the hack.php: <?php
umask(0);
mkdir("/var/www/foolish",0777);
?>
when i try to run this script by typing "test.domain.com/hack.php" in my browser,a folder name "foolish" appears in my DocumentRoot.
wat should i do about distributting permissions between my apache2 and pure-ftpd users?Hopes anyone would help mee,thanks!