Reset Permisson
cd /usr/local/directadmin/scripts/
./set_permissions.sh all
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:$i /home/$i/domains/*/*;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:$i /home/$i/.bash*;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:$i /home/$i/.sha*;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:$i /home/$i/.mozi*;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:$i /home/$i/public_html;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:mail /home/$i/Maildir;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:apache /home/$i/.php;}; done;
cd /usr/local/directadmin/data/users && for i in ls; do { chown -R $i:$i /home/$i/domains/*/.htpass*;}; done;
vault repo สำหรับ Centos 5
[base]
name=CentOS-$releasever – Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
baseurl=http://vault.centos.org/5.11/os/i386/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#released updates
[updates]
name=CentOS-$releasever – Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever – Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
baseurl=http://vault.centos.org/5.11/extras/i386/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
วิธีลบ rule iptables ทีเดียวหมด
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
วิธีเซ็ตค่า php.ini เพื่อความปลอดภัย
แบบมาตรฐาน
——————————–
disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,passthru,escapeshellarg,escapeshellcmd,ini_restore
แบบสูงสุด
——————————–
disable_functions = symlink,shell_exec,exec,proc_close,proc_open,popen,system,passthru,escapeshellarg,escapeshellcmd,pcntl_exec_proc_get_status,proc_nice,proc_terminate,pclose,ini_alter,virtual,openlog,ini_restore
——————————–
กำหนด upload_tmp_dir และ session_save_path ไปที่ /tmp ที่เราได้ mount แบบ noexec ไว้แล้ว
upload_tmp_dir = “/tmp”
session.save_path = “/tmp”
กำหนดขนาดไฟล์สูงสุดที่ upload ได้ผ่าน PHP โดยกำหนด post_max_size ให้มากกว่า upload_max_filesize เล็กน้อย
upload_max_filesize = 10M
post_max_size = 12M
/etc/init.d/httpd restart