Zack9
06-26-2003, 07:54 AM
Good evening ,
can someone please tell me how can I stop CGI/Perl shell scripts on my server?
Regards
can someone please tell me how can I stop CGI/Perl shell scripts on my server?
Regards
 | View Full Version : CGI/Perl shells sprintserve 06-26-2003, 08:12 AM For PHP shells, you can use open_basedir and restrict them to their home directories. That alone should be sufficient. Additionally, you can switch on safe mode. And lastly, if your permissions are down right, you can also run phpsuexec and limit them further. For CGI shells, you can jailroot Apache. You must switch on suexec too, and make sure you set the right permissions. Slidey 06-26-2003, 09:05 AM delete perl ? :D Tariq 06-26-2003, 01:06 PM Thanks man , but could you please explain how to do all this? sorry but I'm a newbie:rolleyes: chirpy 06-26-2003, 01:50 PM For CGI shells, you can jailroot Apache. You must switch on suexec too, and make sure you set the right permissions This is a good idea, though no simple task. Though, unfortunately, it also does not guarantee anything as it can be trivial to work around the jail. The only real answer is to enable a CGI Wrapper (e.g. SuExec) and set your *nix directory and file permissions correctly. hiryuu 06-26-2003, 05:08 PM If your intention is to all-out stop them, just remove mod_cgi from your apache (and any associated entries in your httpd.conf). 4I1 06-26-2003, 07:54 PM always search in your server for *.pl files this for perl and cgi .. and phpshell you can stop with turn on the safe mode in php.ini Reqards, chirpy 06-27-2003, 04:32 AM always search in your server for *.pl files this for perl and cgi Will achieve little. It would be easy to hide the code in a script - you don't want to spend your whole day debugging perl scripts do you? flashwebhost 06-28-2003, 02:10 AM Originally posted by chirpy The only real answer is to enable a CGI Wrapper (e.g. SuExec) and set your *nix directory and file permissions correctly. [/B] SuExe already enabled, how to set the *nix directory and file permission ? I found some server running PHP Safe Mode OFF No open_basedir on httpd.conf Still can't browse through /home directory. Hope this done through Permission settings, How i do this ? SynHost 06-28-2003, 03:28 PM Originally posted by chirpy Will achieve little. It would be easy to hide the code in a script - you don't want to spend your whole day debugging perl scripts do you? Yeah, and also they aren't necessarily .cgi or .pl, they could be anything in the cgi-bin directory that is executable. |