 |
LiquidQuest
User
Feb 19, 2007, 8:09 AM
Post #1 of 2
(680 views)
Shortcut
|
|
how do i protect my 777 chmoed UPLOADS folder?
|
Can't Post
|
|
the uploads folder, which requires the chmod of 777 allowed a hacker to force three files into that folder some how, which gave him remote access to that directory.
is there away to protect the uploads directory from this kind of attack again??
thanks
Marssin
|
|
| |
|
ross
Staff
/ Moderator
Feb 19, 2007, 1:11 PM
Post #2 of 2
(675 views)
Shortcut
|
|
Re: [LiquidQuest] how do i protect my 777 chmoed UPLOADS folder?
[In reply to]
|
Can't Post
|
|
Hi Marssin
Thanks for posting!
First off, I don't think this is going to be an issue specifically to do with Article Manager. The only way to get files onto a server like this is if you have access to the server. The fact that the folder has 777 permissions alone isn't going to be a security risk. It's only if someone else is able to get onto the server and put files into that folder.
One way will be to use Article Manager but you would need a valid login name and password to get there and even from there, as the administrator for Article Manager, you control what kind of files can be uploaded.
What I suggest is changing all of your passwords and double checking with your webhost all the different FTP accounts that are setup for your site to make sure they are all yours. You could perhaps even ask them what they think of the fact the folder has 777 permissions and what ways you can prevent people from being able to access your server and use that folder.
Keep me up to date with this one as I definitely want to make sure everything stays nice and secure on your server  .
-----------------------------------------------------------
Cheers,
Ross Fairbairn - Product Specialist
support@interactivetools.com
Hire me!
Save time by getting our experts to help with your project. Template changes, advanced features, full integration, whatever you need. Whether you need one hour or fifty, get it done fast with Priority Consulting.
|
|
| |
| | |
|
