Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
25% Recurring Discount on NVMe VPS
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

symlink protection

Do you recommend enabling symlink protection on shared hosting servers?

Thanks

Comments

  • AlexanderMAlexanderM Member, Patron Provider, Top Host

    Yes.

  • khavkhav Member

    @PremiumN
    Its a must to implement symlink protection

    Suppose one of your cilent website is vulnerable to SQL injection or suffers from file upload vulnerability.Then a hacker can upload a malicious php (know as a shell).From there he/she will try to symlink so as to get access to all your cilents data on the node.
    Once a symlink attack is successful then mass deface is possible

    In a matter of mins , hundred if not thousands of websites can get defaced , their database stolen.

    And its just the beginning....

  • @AlexanderM @khav

    Thanks for your reply

  • smansman Member
    edited April 2014

    The more I get my php sites hacked the more I hate php. Seems quite primitive in this day and age to be running websites where browsers can access the files directly. Newer languages like python work so much more securely for this. Not letting browsers access the files directly goes a LONG way to making things more secure.

  • @sman said:
    The more I get my php sites hacked the more I hate php. Seems quite primitive in this day and age to be running websites where browsers can access the files directly. Newer languages like python work so much more securely for this. Not letting browsers access the files directly goes a LONG way to making things more secure.

    Please apply your own hand to your face. Yeah... thanks.

  • smansman Member

    @MassNodes said:
    Please apply your own hand to your face. Yeah... thanks.

    Instead of making smart ass remarks how about elaborating. Or are you just talking out of your ass?

  • @sman said:
    Instead of making smart ass remarks how about elaborating. Or are you just talking out of your ass?

    • Python is older then PHP.
    • Both have file access
    • The browser doesn't access the file directly.... wtf
    • They both have their own strong points and reason for use.
  • smansman Member

    @MassNodes said:

    • They both have their own strong points and reason for use.

    Where is index.php or equivalent in python? Rhetorical question. You obviously don't know what you are talking about.

  • I'm not going to derail this guys post. I'm not going to satisfy your obvious troll.

  • smansman Member
    edited April 2014

    @MassNodes said:
    I'm not going to derail this guys post. I'm not going to satisfy your obvious troll.

    Yea, pointing out there is an index.php file is an obvious troll...lol. Have you ever even set up a web page before?

  • index.php?? Really???

  • @sman said:
    Yea, pointing out there is an index.php file is an obvious troll...lol. Have you ever even set up a web page before?

    Seriously??

    PHP is not visible in the browser, the output is. (sometimes)

Sign In or Register to comment.