File Permission 0600 problem
I have a problem in WHM
I have some files that I need to not beeing accesible from a web browser so I set permission 0600 so only the owner can read and write that file.
I have this escenario
mydomain.com/files/report1.img
I do not want people enter to that url and see the file report1.img
So I set permission chmod 0600 report1.img
It used to work before, but now even if I seet that permission when I try to enter to that url on a web browser I can see the file
from terminal I can see the file has the permission properly assigned -rw-------
But I still can access that file from a browser.
Could you help me out to figure it out what is going on please
This is my System:
CentOS v7.9.2009 Standard
cPanel Version: 110.07
Thank you in advance
-
The web service (apache) is calling the file as the user that owns that file (also the cpanel user) and since that user has read permission, then its going to be browseable. You should probably move any files that are not publically accessible outside the public_html folder in general. 0 -
Also for that matter you could use .htaccess to deny all visitors to that directory, or you directory security in cPanel to create a login when trying to browse that folder. 0 -
Great answers, @GOT 0 -
Thank you for your reply, the weird thing is in the server I had before the permissions used to work to deny access to some files, I will do it with .htaccess Thanks again for your help 0 -
Sounds like the server you are on now is using mod_ruid2, which I'm not sure how common it is used (I don't use it). With mod_ruid2 - everything in the VirtualHost is accessed by owner of that VirtualHost (defined in the VirtualHost configuration). So even images and text files are read by the Linux server user owned by that VirtualHost. Typically only PHP and CGI scripts are executed as the VirtualHost owner. Static content such as images, text files, HTML documents are accessed by the user running the web server. In this scenario, setting permissions of an image to 0600 and owned by your Linux user would not have significant privileges for the web server user (the user nobody on cPanel servers) to read the file. 0
Please sign in to leave a comment.
Comments
5 comments