Answer the question
In order to leave comments, you need to log in
How to restrict any access to files and folders of one user from another on a web server?
Hello, please help me solve one problem (security hole).
Let me give you an example:
Our server has site1.ru. This site is owned by user1. The site is powered by CMS Bitrix.
This site has 2 files that store passwords from the database:
/var/www/user1/data/www/site1.ru/bitrix/.settings.php and /var/www/user1/data/www/site1.ru/bitrix /php_interface/dbconn.php
We also have site2.ru on our server. This site is owned by user2.
This site has a test script:
/var/www/user2/data/www/site2.ru/test.php
The content of this script is as follows:
include '/var/www/user1/data/www/site1.ru/bitrix/php_interface/dbconn.php';
echo $DBPassword;
$arr = include '/var/www/user1/data/www/site1.ru/bitrix/.settings.php';
print_r($arr);
Answer the question
In order to leave comments, you need to log in
set permissions to 750 on site directories and run php-fpm with different users.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question