Writable Directory Security

Discussion in 'Feedback/Feature Requests' started by QuantumNet, Mar 9, 2010.

  1. QuantumNet

    QuantumNet Well-Known Member

    Writable directories need to be detectable from within the apache configuration as well as the litespeed configuration.

    This will add a greater level of security as we will be able to globally lock down writable directories so attackers cannot execute scripts within them

    <Directory {if directoryPerms > 755}>
    AllowOverride None
    Options -Indexes
    Options -ExecCGI
    AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi


    This is currently doable via htaccess, but htaccess can be overwritten if perms are not correct.

    It is also not controllable on a global level which is important for shared multi tenant server security. As we cannot monitor which directories the end user creates but we want to maintain a specific level of security for the system.

Share This Page