Chmod is broken with Litespeed

My host is telling me that chmod does not work correctly with Litespeed. Is this true?

I want my directories to be chmod 750 to prevent directory listing. They told me to use htaccess to prevent directory listing, but I don't want this global for my account and do not want to have to create an htaccess for each directory I want directory listing turned on.

The exact quote from them is the following:

"If you chmod your directories, you'll get a 404 error, not a permission error. It's the way litespeed is designed."

Someone please help! I chmod'd to 750 in the shell and directory listing is still working if I navigate there with a browser.

Any help is greatly appreciated, thank you!

 

my test: if chmod 750 path/to/mydir

Code:

[ERROR] Can not open directory for URI: path/to/mydir

>I chmod'd to 750 in the shell and directory listing is still working if I navigate there with a browser.

litespeed use lsws/share/autoindex/default.php to generate directory index.
so check if the user/group of lsphp and user/group of the directory matches.

for example, if lsphp run as nobody/nobody, and the directory's user/group also nobody/nobody, even if the directory's permission is set to 700, directory listing still working. in this case, change directory's user/group to jedis/jedis(for example) and set permission to 750, will prevent the directory listing.

 

Hi NiteWave,

Thanks for the response. I will do my best to answer your questions.

I can perform the chmod to the directory and do not get an error, but can still pull a directory list by navigating to that directory via a web browser. Litespeed seems to completely ignore the chmod, as if I never performed it, at least as far as chmod 750 is concerned.

My home folder permissions are set to myusername/myusername. I cannot seem to find the lsws directory in my jailed shell to check the permissions. It is not in /usr/local.

Is there anything else I can check on my end? Should I direct my host to this thread to read your response?

Any additional help you can provide would be greatly appreciated.

Thank you!

 

>Is there anything else I can check on my end?

#ps -ef|grep lsphp

 

654 11237 10958 8 07:35 ? 00:00:01 lsphp5
654 12428 10958 6 07:35 ? 00:00:00 lsphp5
599 12434 10958 0 07:35 ? 00:00:00 lsphp5
myusername 12454 8309 0 07:35 ? 00:00:00 grep lsphp

 

got to understand your situation.

your php run in suEXEC mode, which has same uid/gid as your home folder.

so auto directory indexing happens on a folder which has least 500 permission, include 750. unless you set the directory's permission to 000.

there is a possible way to implement your requirement: customize your own autoindex script. when directory permission is 750, then the script won't index.

there is a wiki page regarding customizing auto index script:
http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed:wiki:autoindex

also please refer this forum thread:
http://www.litespeedtech.com/support/forum/showthread.php?t=3880&highlight=autoindex

 

Just turn off directory indexing at the document root directory via .htaccess, all sub directories will be off by default.

 

See above. I don't want a global .htaccess file.

Chmod really should be made to work correctly with LiteSpeed, like how it does with Apache. I was frustrated enough, I almost had them move me to a server that didn't have LiteSpeed and just had regular old Apache.

 

please try:
1. copy the default.php to your home folder

Code:

cp /usr/local/lsws/share/autoindex/default.php /home/myusername/test/myindex.php

2.edit .htaccess in your document root -- assume it's ~/public_html/.htaccess
add one line:

Code:

alias /_autoindex/default.php /home/myusername/test/myindex.php

3.edit /home/myusername/test/myindex.php
change:

Code:

function readDirList( $path, &$excludes, &$map )
{
        $handle = opendir( $path );

to

Code:

function readDirList( $path, &$excludes, &$map )
{
        $perms = fileperms($path);
        if(($perms & 0x0004)==0)
        {
                return null;
        }
        $handle = opendir( $path );

Has tested above code sample at my local lsws. Please share with us if it works at your end as well.

 

I can't find that file in my jailed shell. Is it available online somewhere so I can get a copy of default.php?

Thanks!

 

Code:

I can't find that file in my jailed shell. Is it available online somewhere so I can get a copy of default.php?

download the latest standard version(current 4.0.14) lsws to your site's host(or local PC). extract the .tar.gz file, default.php located at lsws-4.0.14/share/autoindex/default.php

 

Doesn't appear to be working.

Note that I don't have a /_autoindex/ directory in my jailedshell.

 

step 2:

Code:

alias /_autoindex/default.php /home/myusername/test/myindex.php

sorry, alias may not work in .htaccess
refer:
http://httpd.apache.org/docs/2.0/mod/mod_alias.html#alias
Context: server config, virtual host

please ask your host provider to add it to your virtual host configuration file if you can't.

 

I was told by my hosting provider that it cannot be done because cPanel will rewrite the VirtualHost every time.

 

Tell your host to create an include file for this and uncomment the relevant include line in the virtualhost for the domain. These includes exist specifically for things like this. A commented explanation of this is even provided in the httpd.conf by cPanel.

 

I told them and they said they can't (won't) do it because cPanel automatically generates them. Yes, I copied and pasted, word for word, what you said into my support ticket. That was their response.

They offered to move me to another server that uses Apache instead to get around the issue. I'm just going to drop the matter. Perhaps LiteSpeed can make it easier for users on shared hosting to make this change themself with future versions.

Thanks for the help here guys. Sorry it was for nothing.

 

http://www.cpanel.net/documentation/easyapache/customdirectives.html

Scroll down to "httpd.conf changes contained in a <VirtualHost>"

In short, their reasoning is garbage. But I would agree that it isn't very convenient to customize the directory index. Nor is it even remotely compatible with Apache; which is odd given that LiteSpeed's claim to fame is "Apache interchangeable".