i'm supposed to take over an old laravel project which is hosted (and presumably previously managed) using cpanel. i can see a lots of 0kb files in the public_html dir. for ex:
55ojAH
FnhBRE
ioZ5MP
myApp_dNWuzR
myApp_TdfPsE
etc. i'm guessing those are temp files but looking for an explanation, by which process those 6 digits files were created.
Related
There is a malicious folder called engl in my websites files. Each folder I open like wp-includes or wp-content, there is a folder named engl.
How do I remove it from every folder in one go?
I tried deleting the folder manually but it is taking a lot of time. Then, I used FileZilla but still I have been unable to do it
My site has been compromised with infected. htaccess files in every folder.
Is about 400 files every was so I wonder how can delete these files without going thru every folder in the file manager in Cpanel?
any ideas anyone?
the default install of apache in CentOS or RHEL, looking at file system permissions for html directory in /var/www/
drwxr-xr-x. 2 root root 4096 Aug 13 2013 html
My website works, and I have no issues with it, however I would like to know why and when do we need to set the directory to apache:apache?
Thank you
Since Apache is not running as root (presumably, hopefully), it only has read permissions on the directory as part of the last o=rx. This is a good default, since it means that it cannot alter the directory, only passively read and serve files from it. Everything running under an Apache process (e.g. mod_php) thereby has the same restrictions. That prevents a lot of common rookie exploits, like allowing uploads of .php files into a public web folder; because Apache/PHP cannot write into the web folder.
You should assign directories that Apache/PHP/CGI should explicitly be able to write into to apache/www-data (depending on your OS/configuration). It's not typically a good idea to do this with any directory under /var/www, you should leave that read-only as much as possible. However, adding an application-specific folder to something like /usr/local/var/<my website> with write permissions for Apache and selectively sym-linking or mod_rewriting to it is fine.
When your website need permission to modify direction/file on web app folder, you have 2 choices: 1) chmod folder to 777/666 or 2) change owner of these folders/files to apache
Sometimes, change owner is prefer to chmod because of security reason.
I have two folders for a particular web site. There is the main www.mysite.com site which is at home/user/public_html and then I have a sub domain -> dev.mysite.com for the latest under development version of the site at /home/user/dev_html
Maybe because of laziness in the past when moving the new site to the main directory, I have just backed up the current site, downloaded it via ftp, erased the site files and then uploaded the new site. However, ftp is so slow and unreliable that this is a ridiculously slow and error prone way of doing it - especially for big sites.
So I was thinking of just logging in via ssh and then moving all the files out of public_html and then copying the new files from dev_html but then it struck me. Can't I just change the name of the public_html folder to something like public_html_old and then change dev_html to public_html? Will Apache go mental if I do this?
Forgive me if this is a stupid question.
What you propose is fine. In fact, you can do it in one line from the CLI.
mv public_html public_html_old && mv dev_html public_html
You can also try the following...
Create a symbolic link to the current main site, eg (assuming the current site resides in a v1_html directory)
ln -s v1_html public_html
Then, to switch document roots...
rm public_html && ln -s v2_html public_html
If you can access the server in SSH, you can use cp command to copy your directory files to public_html or rename the folder as you suggested.
Be sure to stop the Apache service first.
I have a had a wordpress site up and running for over a month, and I have set that my uploads be organized by month/year.. When april was made the uploads stopped working.
The permissions on the wp-content and uploads are 775, the permission of 04(folder) was 747 and the owner was "apache" I've never run into this issue before on any wordpress site, how do I correct this for the future and fix the present issue?
I changed the organization option and I still can't upload.
The error is
The uploaded file could not be moved
to
/var/www/vhosts/websitename.com/httpdocs/wp-content/uploads.
Can you upload by FTP to that folder? It could be a problem of lack of disk space (or quota), specially if this is a shared hosting. But even in VPS or dedicated, sometimes the /tmp directory where PHP first uploads the files is mounted from a different filesystem than /var (where the apache vhost root is probably located). That could explain why you can upload it but not move it.