File Permissions

Posts Tagged ‘File Permissions’

Advanced WordPress wp-config.php Tweaks

Wednesday, March 3rd, 2010

The bottom line for this article is that I want to make WordPress as fast, secure, and easy to install, run, and manage because I am using it more and more for client production sites, I will work for days in order to solve an issue so that I never have to spend time on that issue again. Time is money in this industry and that is ultimately (time) what there is to gain by tweaking WordPress.

Note: I spent no time on readability, this is primarily a read the code and figure it out article.. This is for advanced users looking for a reference or discussion and for those of you looking to advance. Feedback would be great if you make it that far..

Tags: 301 Redirect, admin, Advanced, Ajax, Anti-Spam, Apache, askapache, bash, bash_profile, Cache, caching, cheatsheet, chmod, Cookies, CSS, debugging, Elite, encryption, error log, Examples, feed, File Permissions, File System, filesystem, GET, grep, HowTo, Htaccess, HTTP Headers, HTTPS SSL, Javascript, Linux, Login, Logs, Mod_Rewrite, Mod_Rewrite cheatsheet, mysql, password, PHP, php.ini, phpinfo, Port, post, Rewrite Tricks, rewritecond, rewriterule, Security, server, Sessions, Shell, Socket, SPEED, SSH, SSI, stat, trick, umask, Username, Web Hosting, WordPress, wp-config.php
Posted in CSS, Cache, Featured, Hacking, Htaccess, Javascript, Linux Unix BSD, Mod_Rewrite, PHP, SEO, Security, Server Administration, Shell Scripting, Web Design, Web Hosting, Webmaster, WordPress, WordPress Plugins | 5 Comments »

Optimize a Website for Speed, Security, and Easy Management

Thursday, February 18th, 2010

Learn how to setup, configure, secure, optimize, and create a low-maintenance website the AskApache way. I’m piecing together all the hacks, tricks, methods, and ideas discussed throughout this blog and all across Netdom and glueing them all together to show you how to have the most optimized, crazy fastest, and best website setup I can think of.

Tags: 301 Redirect, admin, Advanced, Ajax, Apache, apache server, askapache, Backups, Bandwidth, bleeding edge, blog, Cache, Cache-Control, caching, ColdFusion, compression, CSS, Dig, DNS, errordocument, Etags, Examples, expires header, feed, File Permissions, Flash, GET, Hacking, hacks, Htaccess, htaccess files, Htpasswd, HTTP Error, HTTP Headers, HTTP Status Codes, HTTPS SSL, Javascript, Linux, Login, Logs, Mod_Rewrite, Optimization, optimizations, optimized website, password, password protection, PDF, Performance, PHP, php.ini, Port, post, ram, real deal, Redirect, Redirection, Rewrite Tricks, Robot, robots, robots.txt, Scripts, search and replace, Security, server, server config, servers, SPEED, SSI, stat, SymLinks, trial and error, trick, Web Development, Web Hosting, web server, WordPress, WordPress Plugins
Posted in Apache, Cache, DreamHost, Featured, Hacking, Htaccess, Linux Unix BSD, PHP, SEO, Security, Shell Scripting, Web Design, Web Hosting, Webmaster, WordPress | 9 Comments »

AskApache Debug Viewer Plugin for WordPress

Sunday, April 5th, 2009

The story behind this plugin is sorta wack, but in a good way :). While doing tons of security research on permissions, authorization, access, etc.. for the Password Protection plugin (still being worked on), I needed to have unheard of debugging capabilities while working on the plugin on the various websites, webhosts, and test servers that I use to test in different environments. So I hacked together a bunch of php code that helped me debug, actually I pretty much went overkill and tried to get as much debugging info as programmatically possible, and it ended up being so much code that I took it out of my Password Protection code and made it its own plugin.

Tags: admin, Ajax, Apache, Apache Modules, askapache, authorization, Cache, chmod, Cookies, debugging, error log, fifo, File Permissions, GET, Htaccess, Login, Nice, password, password protection, PHP, php.ini, phpinfo, Port, post, ram, Rewrite Tricks, Security, server, servers, Socket, SSI, stat, umask, Username, WordPress, WordPress Development
Posted in WordPress, WordPress Plugins | 1 Comment »

Password Protection Plugin Status

Sunday, March 1st, 2009

Enumerating Permissions can be Annoying

Don’t ask me how because I won’t tell you, but on one of the hosts I was testing on that did not allow direct access I was able to get the Apache server running as dhapache to erroneously write a file into my users blog directory. This is a big security no-no and I now have my .htaccess file written into the blog directory where it should go, but instead of my php script’s user having write access to the file so I can modify it, its owned by dhapache! Because the file is owned by dhapache I shouldn’t even be allowed to know it exists, but there it is. So the next step was to try and take ownership of the .htaccess file so that I could modify it. I tried and tried but was unsuccessful, I couldn’t modify it so that was another dead end. Actually it took me awhile to figure out how to remove the file from my directory. Being that it was owned by dhapache I couldn’t delete or modify it using my php process or even through ftp/ssh! Sysadmins regularly run find commands that search the servers for any files owned by dhapache that should not be there as this is a big red flag that someone has found a way to manipulate dhapache which could potentially lead to modifying dhapache-owned server config files, which sometimes is all it takes to hack your website and server.. Luckily I was able to delete it by basically running the hack again to overwrite the file.

Tags: .htaccess plugin, 500, admin, Apache, apache security, askapache, AskApache Password Protection, ASP, authorization, chmod, curl, debugging, Dig, DNS, feed, File Permissions, File System, filesystem, Fsockopen, GET, Hacking, Htaccess, HTTP Headers, httpd, HTTPS SSL, Login, Networking, nsa, password, password protection, PHP, php interpreter, Port, post, ram, Redirect, Robot, robots, Scripts, Security, security reasons, security tips, server, server config, servers, Socket, SSH, SSI, stat, Username, Web Hosting, WordPress
Posted in Apache, Featured, Hacking, Htaccess, Mod_Rewrite, PHP, Security, Web Hosting, WordPress, WordPress Plugins | 2 Comments »

Chmod, Umask, Stat, Fileperms, and File Permissions

Wednesday, November 19th, 2008

Unix file permissions are one of the more difficult subjects to grasp.. Well, ok maybe “grasp” isn’t the word.. Master is the right word.. Unix file permissions is a hard topic to fully master, mainly I think because there aren’t many instances when a computer user encounters them. I’ve done a lot of research on it the past couple weeks… and now here’s everything I’ve learned so far.. cuz you guys AskApache Regs Rock!

Tags: 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, Apache, askapache, ASP, Backups, bash, bash_profile, Cache, chmod, Dig, DreamHost, fifo, File Permissions, File System, filesystem, Fsockopen, GET, Hacking, Htaccess, httpd, Linux, Login, password, Perl, PHP, php.ini, Port, Python, ram, Scripts, Security, server, servers, Sessions, Shell, Socket, Source Code, SSH, SSI, stat, trick, umask, Web Hosting
Posted in Apache, Featured, Hacking, Linux Unix BSD, PHP, Security, Server Administration, Shell Scripting, Web Hosting, Webmaster | 5 Comments »

COMPUTER SECURITY TOOLBOX

Friday, September 26th, 2008

List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.

Tags: admin, Advanced, Apache, askapache, ASP, Bandwidth, Boot, Cache, CommandLine, console, Cookies, debugging, Dig, DNS, Email, encryption, Ethernet, feed, File Permissions, filesystem, Forms, GET, Google, Hacking, HTTPS SSL, Linux, Login, Logs, Networking, Nice, nsa, password, PDF, Performance, Perl, PHP, Port, post, Prompt, Putty, ram, Redirect, Scanners, Scripts, Security, server, servers, Sessions, Shell, shell script, Sniffing, Socket, SOCKS, Source Code, SPEED, SSH, SSH Tunnels, SSI, stat, Vulnerability, Vulnerability Scanners, Windows XP, Wireshark
Posted in Security | 3 Comments »

AskApache Password Protection, For WordPress

Saturday, March 29th, 2008

AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.

Tags: 403 Forbidden, admin, Apache, askapache, AskApache Password Protection, Backups, File Permissions, GET, Hacking, Htaccess, htaccess files, Htpasswd, Login, Logs, Nice, password, password protection, PHP, phpBB, ram, Robot, robots, Scripts, Security, server, servers, SPEED, SSI, stat, Username, WordPress
Posted in Apache, Hacking, PHP, Security, WordPress, WordPress Plugins | 100 Comments »

Custom PHP.ini tips and tricks

Monday, February 5th, 2007

Describes in exhaustive detail how to change configuration settings and implement a custom php.ini file for use with the Apache Web Server. View latest official php.ini Sections: When php run as Apache Module (mod_php) When php run as CGI When cgi?d php is run with wrapper (for FastCGI) .htaccess code from Ultimate htaccess file RUN PHP AS APACHE MODULE AddHandler application/x-httpd-php .php .htm RUN PHP AS CGI AddHandler php-cgi .php .htm CGI PHP WRAPPER FOR CUSTOM PHP.INI AddHandler phpini-cgi .php .htm Action phpini-cgi /cgi-bin/php5-custom-ini.cgi FAST-CGI SETUP WITH PHP-CGI WRAPPER FOR CUSTOM PHP.INI AddHandler fastcgi-script .fcgi AddHandler php-cgi .php .htm Action…

Tags: admin, Apache, askapache, ASP, Cache, caching, chmod, CommandLine, compression, Cookies, curl, debugging, Dig, DreamHost, Email, error log, Examples, File Permissions, filesystem, GET, Htaccess, htaccess files, HTTP Headers, httpd, httpd.conf, HTTPS SSL, Javascript, Linux, Logs, Mod_Rewrite, mysql, Nice, nsa, password, Performance, PHP, php.ini, phpinfo, Port, post, Powweb, Prompt, ram, Redirect, Redirection, Rewrite Tricks, rewritecond, rewriterule, Scripts, Security, server, server config, servers, Sessions, SetEnvIf, Shell, shell script, Shell Scripting, Socket, SPEED, SSI, stat, trick, ultimate htaccess, umask, Username, Web Hosting, xargs
Posted in Apache, Htaccess, Linux Unix BSD, Mod_Rewrite, PHP, Security, Server Administration, Web Hosting, WiredTree | 13 Comments »

File Permissions

Posts Tagged ‘File Permissions’

Custom PHP.ini tips and tricks

My Picks

Support Freedom or Die

Newest Posts

htaccess Guide

Website Speed Tips Series