Hi,

I am a new owner of a Raq4, and also have very little (VERY little) linux knowledge.

I have got pretty much everything working well on it, but there a few things I would like to do and that I have to sort out and need some help on.

1. Directory snooping.
I have read other posts regarding this, and it is something that I would like to stop on all sites. (is this something that is easy to do and that can happen automatically when new virtual sites are created using the raq gui?) If someone can help here, it would be much appreciated.
Also if anyone has any suggestions on why I would NOT want to protect against it for my clients I would be interested to hear.
(please keep in mind, little or NO linux knowledge, so please try and make answers step by step and understandable to someone who has nowhere near as much knowledge as yourself.)

Thankyou in advance.

WebWorx

Directory Snooping...

FTP? As far as I've seen, and I've had a couple raqs's, FTP users are kept within their respective areas. They can't browse the whole server via FTP.

SSH/Telnet? I'm not sure of anyway to easily prevent this. I wouldn't give ANYONE a shell account. I'd rather have them go elsewhere.

Sorry, should have explained a little better.
(presumed directory snooping would sum it up.)

When people are browsing, say http:domain.com/images they can see all the images in that directory.

Is there any way of stopping this automatically, other than putting an index.htm in every directory? Should I even bother worrying about this?

WebWorx

every virtual host i've ever used(and there has been alot of them) has left that up to me to figure out.

i don't know about doing it automatically. i have never heard anything about an automatic way. i've always just included an "you're not supposed to be here" index page and/or played with the permissions.

and definately, do not give out shell accounts to your clients, unless you trust them. and definately, disable telnet in the control panel, and install SSH.

.htaccess file in your main directory will do the trick.

See

http://www.webhostingtalk.com/showthread.php?s=&threadid=4291&highlight=Index


Place .htaccess file with the default home page template file in /etc/skel/en_US/group/web/

and it will be created automatically for you for every new vsite.

Originally posted by NewonNet
.htaccess file in your main directory will do the trick.

See

http://www.webhostingtalk.com/showthread.php?s=&threadid=4291&highlight=Index


Place .htaccess file with the default home page template file in /etc/skel/en_US/group/web/

and it will be created automatically for you for every new vsite.

NewonNet.

I placed Options -Indexes in the .htaccess file in the /web directory of the site. Works perfectly. Thankyou.

As for place .htaccess file with default home page template file, is this simply a matter of copying the one I just modified and moving or placing in the directory you stated? (Also, how do you copy and paste or move this file???)
Will this override the .htaccess file created presumably by frontpage?

WebWorx

If you have frontpage, you'll need to add to the existing frontpage .htaccess

The automatically created files won't work for this.

You can also do this to httpd.conf for the whole server or inside <vhost>

Thanks NewonNet,

I have it all working just perfectly.

WebWorx:D