Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Hosting Security and Technology Tutorials : How to reduce risk uploads directories

[andreyka]

This is small script, which search upload directories and add .httaccess for disable php and cgi script execution:
#!/bin/sh
HOME=/home
NOBODY=nobody

htaccess () {
cat > "$j/.htaccess"

RemoveType php
Options -ExecCGI -Indexes
EOF
}

fixupload () {
if [ -e "$j/.htaccess" ]; then
if [ -z "`grep RemoveType "$j/.htaccess"`" ]; then
htaccess
fi
else
htaccess
chown $i:$i "$j/.htaccess"
fi
}

cd $HOME
for i in *; do
if [ -d $i/public_html ]; then
# Fix 777 upload
for j in `find $i/public_html -type d -perm 777`; do
fixupload
done
# Fix 775 nobody upload
for j in `find $i/public_html -type d -perm 775 -group $NOBODY`; do
fixupload
done
# Fix 755 nobody upload
for j in `find $i/public_html -type d -perm 775 -user $NOBODY`; do
fixupload
done
fi
done

[markhard]

have any body try this script?

question for andreyka, does your script can prevent hackers from uploading perl script?

usually hacker using mambo/joomla security hole to upload script that can download files from internet and then execute it on /tmp

[Markus H]

You can add you /tmp directory in noexec mode.

This will help you to found script that have been uploaded to your /tmp directory.

Quote:

find /tmp -exec file {} \; | egrep -i '(script|exec)'

[andreyka]

Usually some pic gallery don't check files what be uploaded. If somebody upload php scritp and run it - recive access to site.
This script pervent do it.