[Typo3] server hacked // report.php
Christoph Koehler
christoph.koehler at gmail.com
Thu Jul 21 22:41:59 CEST 2005
Thanks Dmitry!
I know that 777 is a great risk! I was surprised that they were all
chmodded like that!
Is 775 or 755 generally save?
The script had apache user rigts, so it overwrote all .htaccess files I
guess, but I will use your advise, thanks!
On Thu, 21 Jul 2005 14:33:01 -0500, Dmitry Dulepov <typo3 at fm-world.ru>
wrote:
> Hi!
>
> chmod 777 is a big security risk. This is, most likely, the problem.
>
> You can also strengthen site security by putting the following .htaccess
> to some folders:
> ---------
> php_flag engine off
> ---------
> It will disable execution of php scripts there. At least the following
> folders should be secured this way:
> /fileadmin
> /typo3temp
> /uploads
>
> Dmitry.
>
More information about the TYPO3-english
mailing list