CloudLinux - apache - CloudLinux Blog

Introducing SecureLinks for Apache

Due to static pages being retrieved by apache user (or nobody, depending on your install) -- it was very hard to protect against.Some hosts used SymLinksIfOwnerMatch directive instead -- but that din't really work, as race condition (when symlink is made to point to hacker's file, and then to good user's file) makes it very simple to exploit.As par...
Continue reading
  3924 Hits