HellBound Hackers
Join us at IRC!
Society leans ever heavily on computers, if you have the power to take out computers you can take out society. - cubeman372
Friday, May 25, 2012
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
HellBoundHackers Additional:
Shop
Learn
Communicate
Submit
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Interact
Other
HellBoundHackers Executive:
HellBoundHackers Leisure:
Members Online
Total Online: 26
Web Spiders: 13
Guests Online: 24
Members Online: 2
thehare, CrOnUs

Registered Members: 70208
Newest Member: andresuran
Latest Articles
View Thread

HellBound Hackers | Computer General | Programming
Author

PHP Web Hosting Project.
Sweni
Member



Posts: 36
Location: Sweden, Gothenburg
Joined: 06.06.08
Rank: God
Posted on 09-06-09 18:40
Hey! I'm making a web hosting site as a hobby project.
And my problem is that anyone could upload php files and then read my root files or whatever they want.
So could I do so their php files could just read from their own directory?

My structure is like this:
htdocs/ (with all pages)
htdocs/user1/
htdocs/user2/
etc.

Thx for any help.
Author

RE: PHP Web Hosting Project.
Pwnzall
Member



Posts: 234
Location:
Joined: 10.04.08
Rank: Hacker Level 3
Posted on 09-06-09 19:15
I haven't used this, but look into .htaccess and .htpasswd files. They allow you to determine who gets to access your files and which files the can have access to.
http://www.google.com/search?client=opera&rls=en&q=.htaccess&sourceid=opera&ie=utf-8&oe=utf-8

Pure madness! There must be a method! There is a method!
Author

RE: PHP Web Hosting Project.
ranma
Member



Posts: 269
Location: Behind a sphere
Joined: 27.08.05
Rank: HBH Guru
Posted on 17-06-09 20:14
What pwzall said or you could use regex on their files to check for things that could compromise your site. I have a website such as the one you describe, but I sorta rely on the people not knowing how to hack it to protect it :p. It would be fairly easy though.
Who will be using your website?

Wisdom spared is wisdom squared.
Author

RE: PHP Web Hosting Project.
Sweni
Member



Posts: 36
Location: Sweden, Gothenburg
Joined: 06.06.08
Rank: God
Posted on 18-06-09 01:06
Nothing seems to be working. The user can easily upload shell scblockedripts or get any file on the computer.
So is there a way to just let the users php files read from their own subdirectory?

ranma wrote:
Who will be using your website?

Probably nobody x)
But security is the most important piece in this project.
Guest
Username

Password

Remember Me


Bookmark This Page
Affiliates
Adverts

 

 

Links

Anime Wallpaper Site
By using, viewing or obtaining any information contained on this site, you agree to the disclaimer.

© HellBound Hackers 2008- 2009. Since 3rd December 2004.

20612632 Unique Visits

Powered by HBH-Fusion