Access below root - Reseller Hosting, Shared Hosting, Dedicated Hosting by Vortech Inc.

***obj*** · #1 09-27-2003, 08:06 PM

Can I access a file below the root? (domain.com folder?) I wanted to run scripts from below the domain.com folder to protect them. I that possible?

***Garreg*** · #2 09-27-2003, 08:35 PM

Yes.

Most hosts using ASP with an MS Access database use a folder outside of the root to protect it from prying eyes.

Create a folder and set the permission for it via FTP -> 'if' you have a problem send in a TT with the details of the folder / domain and permissions that you require and I'm sure of on the techies will oblige

***obj*** · #3 09-27-2003, 08:55 PM

Garreg, I did not quite understand your answer but maybe I was not clear on what I'm trying to do.

I am on a Unix server and I'm trying to do the testing with an Instant (temporary) URL

I placed a file in the root folder calling a file ../cgi-bin/file.cgi

All file and folder permissions are set to 755.

When I look at the error log file I see that the link is trying to open the cgi-bin inside the domain folder: domain.com/cgi-bin/file.cgi which is not correct.

My hunch was that it may have to do with the temporary URL. So I made another test setup on a"real" domain and the same happens.

I have the same script running under this setup on a different hosting service and it works.

So I guess my question is: Does Vortech allow to run scripts placed below the root?

Thanks.

***Brangwyn*** · #4 09-27-2003, 08:56 PM

Usually you won't need to set permissions (on windows at least) as the default permissions for folders above root already have read/write access.

Funnyhat · #5 09-27-2003, 09:02 PM

I would guess the folder below your domain folder does not have cgi execute access... Is this on UNIX or windows machine?

Also what are you trying to protect? I guess I thought CGI was like PHP/ASP is the aspect that for someone to steal the code they need to have the actual file not just the output but I could be wrong.

Mark

***obj*** · #6 09-27-2003, 09:40 PM

This is on Unix and the permissions are set to execute. The script is a store setup and placing all data and scripts below the webfolder is a security measurment.

***Brangwyn*** · #7 09-27-2003, 11:47 PM

If a folder is above the root then you can't execute files in it, same applies to both windows and unix afaik.

#8 09-28-2003, 03:46 AM

I understand what you mean and personally I consider it a design deficiency (aka something I Do Not Do on my own servers) but changing it would be a major undertaking since thousands of sites are already configured according to this design.

You should be able to include files from below public_html but the actual cgi-bin resides only inside public_html. Of course if it's not software that you're designing yourself I guess you don't have the luxury of juggling its file location so you want to be careful with your permissions and not leave configuration scripts accessible. .htaccess is your friend.

***obj*** · #9 09-28-2003, 09:40 AM

Thanks, Alex. I tried to call a plain html file for testing that was placed below public_html and it did not work either. So I guess I have to place everything in and above plublic_html.

I understand how to set permissions but can someone explain to me how I can make the setup more secure with .htaccess files?

Thanks.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Files in FTP root dir	obyone89	Chit Chat Public	2	05-28-2003 11:17 PM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)