Writable Directory Security

Discussion in 'Feedback/Feature Requests' started by QuantumNet, Mar 9, 2010.

  1. QuantumNet

    QuantumNet Well-Known Member

    Writable directories need to be detectable from within the apache configuration as well as the litespeed configuration.

    This will add a greater level of security as we will be able to globally lock down writable directories so attackers cannot execute scripts within them

    <Directory {if directoryPerms > 755}>
    AllowOverride None
    Options -Indexes
    Options -ExecCGI
    AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi

    </Directory>


    This is currently doable via htaccess, but htaccess can be overwritten if perms are not correct.

    It is also not controllable on a global level which is important for shared multi tenant server security. As we cannot monitor which directories the end user creates but we want to maintain a specific level of security for the system.
     

Share This Page