P
ppc
Guest
I just discovered something on my Plesk 8.1 server:
I'm the server admin and I host my domain name: mydomain.com. in the Plesk CP.
I have other "clients". Those clients are allowed to create subdomains.
The problem is, if the customer wants to, they can go to the add a domain settins in their client CP and insert a subdomain such as support.mydomain.com(yes a sub domain on my domain name) and then they could redirect it to another site or upload their own personal files.
And obviously, this does not only apply to my websites but any websites on the server.
This is a huge security issue. Has anyone dealt with this? SWSOFT?
I'm the server admin and I host my domain name: mydomain.com. in the Plesk CP.
I have other "clients". Those clients are allowed to create subdomains.
The problem is, if the customer wants to, they can go to the add a domain settins in their client CP and insert a subdomain such as support.mydomain.com(yes a sub domain on my domain name) and then they could redirect it to another site or upload their own personal files.
And obviously, this does not only apply to my websites but any websites on the server.
This is a huge security issue. Has anyone dealt with this? SWSOFT?