The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
|||||||
|
#21
10-18-2008, 08:36 PM
|
|||
|
|||
actually, this whole topic have no place on this site... the ONLY thing you can do is TALK TO YOUR HOST SUPPORT STAFF... isn't it that easy to understand ???
|
|
#22
10-19-2008, 06:46 AM
|
|||
|
|||
|
Quote:
Code:
# chown -R apache:root /etc/vb # chmod 0640 /etc/vbulletin/config.php https://vborg.vbsupport.ru/showthread.php?t=148209
|
|
#23
10-20-2008, 07:14 AM
|
|||
|
|||
|
The webserver process will always need read access to the config file. This will ost likely mean you can not set permissions in such a way that others will not have read access.
|
|
#24
10-23-2008, 09:57 AM
|
||||
|
||||
|
Quote:
chown lighttpd config.php Means nothing else than that the user PHP or the Webserver is running under can read this file. Since this is the case, it's useless to move that file anywhere and then softlink it back in the webroot. Doing a: chown root:root config.php With the 0600 permission would leave the file unreadable to everyone except "root" but this also means you have to run your PHP / Webserver with "root" rights in order that this file can be read by Vbulletin or you'll see the "Database Error" page. Also - when not creating symlinks that point in your webroot you can configure your Webserver in a way to ignore any symlinked files which might give a performance plus. The way with moving the file, then symlinking it back has no advantage, a simple "cat config.php" will still work. Back to the problem - move away from this hoster. If it's possible that another customer can upload a PHP shell - by accident or not - and then someone can browse all sites including the ones of other customers as well there's a huge security problem. If that is possible - trying to secure your VB installation will never be successful
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 10:03 PM.