• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Big security problem in apache

L

luribe

Guest
Hi,

I have a Plesk server with 5 clients, all with a different domain and of course a different folder in /home/httpd/vhosts.

But every client can see the other clients folder with a simple php file like this:
<? system("ls -l /homt/httpd/vhosts") ?>

There is a way to change this? Anyone have the same problem? How we can fix that?

Update There is a way, in php.ini set the variable disable_function to: dl,system,exec,passthru,shell_exec (and/or add the functions you want to restrict.)

But, this could give me a problem with plesk or the application vault?
 
Back
Top