Archive for the tag 'directory'

SBDavid

Running CGI script from any directory

Running CGI script from any directory

In order to force apache to allow cgi script to run, simply create a file called .htaccess inside the directory in which you wish to run the scripts. Inser this text into the file:

AddHandler cgi-script .cgi .pl

AddHandler maps the filename extensions extension to the handler handler-name. This mapping is added to any already in force, overriding any mappings that already exist for the same extension. For example, to activate CGI scripts with the file extension “.cgi”, you might use:

AddHandler cgi-script .cgi

Once that has been put into your srm.conf or httpd.conf file, any file containing the “.cgi” extension will be treated as a CGI program.

The extension argument is case-insensitive, and can be specified with or without a leading dot.

SBDavid

Running CGI script from any directory

Running CGI script from any directory

In order to force apache to allow cgi script to run, simply create a file called .htaccess inside the directory in which you wish to run the scripts. Insert the following text into the .htaccess file:

Options +ExecCGI
AddHandler cgi-script .cgi .pl
SBDavid

Directory Permissions

Directory Permissions

If you want to prevent other users from reading the contents of your files, you have two choices:

You can set the permission of each file to 0600, so only you have read/write access.

You can put the files in a directory and set the permission of that directory to 0700, which prevents other users from accessing the files in the directory (or in any of the directory’s subdirectories) unless there is a link to the file from somewhere else.

Note the following:

You must have execute access for a directory to make it your current directory (via cd or chdir) or to change to any directory beneath (contained in) that directory.

If you do not have execute access to a directory, you cannot access the files within that directory, even if you own them.

0755 / Anybody can view the contents of the directory, but only the owner or superuser can make changes.

1777 /tmp Any user can create a file in the directory, but a user cannot delete another user’s files.

0700 $HOME A user can access the contents of his home directory, but nobody else can.

To allow anonymous users to upload, it is recommended that a write-only directory be created within /var/ftp/pub/.

To do this, type:

mkdir /var/ftp/pub/upload

Next change the permissions so that anonymous users cannot see what is within the directory by typing:

chmod 730 /var/ftp/pub/upload

A long format listing of the directory should look like this:

drwx-wx— 2 root ftp 4096 Feb 13 20:05 upload

Additionally, under vsftpd, add the following line to the /etc/vsftpd/vsftpd.conf file:

anon_upload_enable=YES

Because FTP passes unencrypted usernames and passwords over insecure networks for authentication, it is a good idea to deny system users access to the server from their user accounts.

To disable user accounts in vsftpd, add the following directive to /etc/vsftpd/vsftpd.conf:

local_enable=NO

rsync to backup your home directory and mysql databases.

Run the below rsync command using “nohup”, nohup runs a command immune to hangups, with output to a non-tty.

Rsync your home directory’s to your backup server.

Replace $IP with the IP address for your production server.

Run the below commands from your backup server.

#rsync -vrplogDtH –exclude=virtfs/ –progress -e ssh root@$IP:/home/ /home/

rsync all mysql databases.

#rsync -vrplogDtH –progress -e ssh root@$IP:/var/lib/mysql/ /var/lib/mysql/

Backup DB server_support

rsync -vrplogDtH –progress -e ssh root@$IP:/var/lib/mysql/server_support /var/lib/mysql/

« Prev - Next »