Rank: Administration
Groups: Administration, Member Joined: 12/29/2005(UTC) Posts: 275
|
We have many users on our servers who allow uploads in one form or another, from the users who browse their sites. It is to be remembered that by default all folders have execute permissions what that means is that if you are not doing any checking on the file types being uploaded to your webspace you are in for a site defacement. Anyone could then upload an asp/php etc file and play with files in your webspace.
Follow the following to steps if you want to increase security for upload folder(s)
1. Do some kind of file type checking, only allow what is required.
2. Open a ticket with us with the following information
Domain Name: Uploads Folder:
And ask the tech to remove execute permissions from that folder through IIS.
Good Luck!
|
|
|
|
Rank: Newbie
Groups: Member
Joined: 1/10/2006(UTC) Posts: 3 Location: UK-Portugal
|
Nasir, just a tought of a new guy why you don´t do the other way round...
No permission on ALL and if custumor needs send ticket requesting to enable that, or give us the chance oif turn up or off
|
|
|
|
Rank: Administration
Groups: Administration, Member Joined: 12/29/2005(UTC) Posts: 275
|
Well if there are no execute permissions at all then you will not be able to run anything at all and for every new site you will have to open a ticket, frustration all around :)
The second idea is very good of allowing the customers to do it but again this thing is limited by the control panel that we are using, it does not allow the customers to do that.
So the best solution that came to my mind was to ask the customers if they want extra security just open a ticket and we are fast at tickets arent we :)
|
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Important Information:
The HostingFest Forums uses cookies. By continuing to browse this site, you are agreeing to our use of cookies.
More Details
Close