Chapter 5. Server Security
5.5.3. The UserDir Directive
The UserDir directive is disabled by default because it can confirm the presence of a user account on the system. If you wish to enable user directory browsing on the server, use the following directives:
UserDir enabled
UserDir disabled root
These directives activate user directory browsing for all user directories other than /root. If you wish to add users to the list of disabled accounts, add a space-delimited list of users on the UserDir disabled line.
5.5.4. Do Not Remove the IncludesNoExec Directive
By default, the server-side includes module cannot execute commands. It is ill-advised to change this setting unless you absolutely have to, as it could potentially enable an attacker to execute commands on the system.
5.5.5. Restrict Permissions for Executable Directories
Be certain to allow write permissions only for the root user on any directory containing scripts or CGIs. This can be accomplished by typing the following commands:
chown root directory_name
chmod 755 directory_name
Also, always verify that any scripts you are running work as intended before putting them into production.
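The following check is an added example, not part of the original guide: a shell function that audits a script directory against the rule in section 5.5.5 and lists anything not owned by the expected user or writable by group or others. The function name audit_exec_dir and the optional owner argument are assumptions made for this example, and checking the script files as well as the directories goes one step beyond the two commands above.

```shell
#!/bin/sh
# audit_exec_dir DIR [OWNER]
#   DIR    directory containing scripts or CGIs
#   OWNER  expected owner (user name or numeric UID), defaults to root
# Prints every directory or regular file under DIR that is not owned by
# OWNER or that is writable by group or others.
# Returns 0 if nothing is found, 1 if offenders are listed, 2 on bad input.
# Usage (the path is only an example): audit_exec_dir /var/www/cgi-bin
audit_exec_dir() {
    dir=$1
    owner=${2:-root}

    if [ ! -d "$dir" ]; then
        echo "audit_exec_dir: not a directory: $dir" >&2
        return 2
    fi

    # -perm -020 matches the group write bit, -perm -002 the other write bit.
    # Mode 755 with the expected owner passes; 775, 777 or a wrong owner do not.
    bad=$(find "$dir" \( -type d -o -type f \) \
            \( ! -user "$owner" -o -perm -020 -o -perm -002 \) -print)

    if [ -n "$bad" ]; then
        printf '%s\n' "$bad"
        return 1
    fi
    return 0
}
```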
5.6. Securing FTP
The File Transport Protocol (FTP) is an older TCP protocol designed to transfer files over a network.
Because all transactions with the server, including user authentication, are unencrypted, it is considered an insecure protocol and should be carefully configured.
Red Hat Linux provides four FTP servers.
  gssftpd: A kerberized FTP daemon which does not pass authentication information over the network.
  Red Hat Content Accelerator (tux): A kernel-space Web server with FTP capabilities.
  vsftpd: A simplified, security-oriented implementation of the FTP service.
  wu-ftpd: A highly configurable, full-featured FTP daemon.
The following security guidelines are for setting up the wu-ftpd and vsftpd services.
Important
If you activate both the wu-ftpd and vsftpd services, xinetd will only activate vsftpd because it comes first alphabetically.