How-to Protect server and separate accounts?
How-to Protect server and separate accounts?
Good morning,
Question. in the instance server is hacked through php.
For example on main account "admin"
How this will affect other accounts on VestaCP and system in general?
Will hacker be able to penetrate other accounts and root?
Thanks,
Ed
EDIT1
And what is a good practice to "localize" the damage?
Question. in the instance server is hacked through php.
For example on main account "admin"
How this will affect other accounts on VestaCP and system in general?
Will hacker be able to penetrate other accounts and root?
Thanks,
Ed
EDIT1
And what is a good practice to "localize" the damage?
Re: How-to Protect server and separate accounts?
One domain = one user account
and account isolation with open_basedir
Templates - basedir / hostting for Apache2 and hosting for Nginx
Need security changes in ->
/usr/local/vesta/data/templates/web/apache2/basedir.stpl
/usr/local/vesta/data/templates/web/apache2/basedir.tpl
/usr/local/vesta/data/templates/web/apache2/hosting.tpl
/usr/local/vesta/data/templates/web/apache2/hosting.stpl
viewtopic.php?f=11&t=6747&p=21644&hilit ... dir#p21644
and account isolation with open_basedir
Templates - basedir / hostting for Apache2 and hosting for Nginx
Need security changes in ->
/usr/local/vesta/data/templates/web/apache2/basedir.stpl
/usr/local/vesta/data/templates/web/apache2/basedir.tpl
/usr/local/vesta/data/templates/web/apache2/hosting.tpl
/usr/local/vesta/data/templates/web/apache2/hosting.stpl
Code: Select all
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Re: How-to Protect server and separate accounts?
skurudo thank you for quick reply.
But if intruder will gain access with php to shell?
What linux permission level will intruder have by default? How can I test this effectively?
And maybe isolate on the linux account level?
Thanks,
Ed
But if intruder will gain access with php to shell?
What linux permission level will intruder have by default? How can I test this effectively?
And maybe isolate on the linux account level?
Thanks,
Ed
Re: How-to Protect server and separate accounts?
open_basedir can lock shell in site folderuscreator wrote: But if intruder will gain access with php to shell?
Mm... tricky question.uscreator wrote:What linux permission level will intruder have by default? How can I test this effectively?
You have shell or two for test?
How you see this?uscreator wrote:And maybe isolate on the linux account level?
Re: How-to Protect server and separate accounts?
I'm not PHP expert so will need to learn more about open_basedirskurudo wrote:open_basedir can lock shell in site folder
Yes I can provide a shell for your testsskurudo wrote: What linux permission level will intruder have by default? How can I test this effectively?
Mm... tricky question.
You have shell or two for test?
Well I'm a little confused with user 'admin'skurudo wrote: And maybe isolate on the linux account level?
How you see this?
If I create another vistaCP user 'putin' will this user be a linux shell user with all web files ownership etc.?
And can 'putin' files be totally isolated?
Re: How-to Protect server and separate accounts?
Yes, you can - https://wiki.apache.org/httpd/SecuringPHPuscreator wrote:I'm not PHP expert so will need to learn more about open_basedir
Can you pm me examles?uscreator wrote:Yes I can provide a shell for your tests
I'm more confused with user 'putin', but about 'isolated putin' it's nice wordplay.uscreator wrote:Well I'm a little confused with user 'admin'
If I create another vistaCP user 'putin' will this user be a linux shell user with all web files ownership etc.?
And can 'putin' files be totally isolated?
Not all user can connect via ssh - don't have bash/sh/dash or somethin - you can add or remove this option
User in VestaCP it's simple linux user with all goods and problems,
Code: Select all
test:x:1001:1001:[email protected]:/home/test:/sbin/nologin
Re: How-to Protect server and separate accounts?
Let me know when you will need it.skurudo wrote: Can you pm me examles?
I will create a Ubuntu box for your tests for a day or two
Yes, that's exactl behaviour I expect.skurudo wrote: PHP scripts run from user and isolated by open_basedir.
If php is penetrated on account 'admin' intruder will stay within 'admin' sandbox.
And cannot go to 'root' or to 'putin'
Re: How-to Protect server and separate accounts?
Anytime, when you ready. I will test it on my servers too.uscreator wrote: Let me know when you will need it.
I will create a Ubuntu box for your tests for a day or two
I tried before http://code.google.com/p/b374k-shell and with open_basedir it didn't work.
Sites on account admin - it's not good idea. I think it's better create new user for sites. If possible one user = one site.uscreator wrote:Yes, that's exactl behaviour I expect.If php is penetrated on account 'admin' intruder will stay within 'admin' sandbox.And cannot go to 'root' or to 'putin'
Re: How-to Protect server and separate accounts?
Yes, I will setup a box for you tomorrow. We need to test this on the live serverskurudo wrote: Anytime, when you ready. I will test it on my servers too.
Yes, you got me thinking now.skurudo wrote: Sites on account admin - it's not good idea. I think it's better create new user for sites. If possible one user = one site.
All of the files on the Vestacp are installed unders 'admin' ???
This includes binaries and other things. ( like Apache, nginx, fail2ban ) all under 'admin'???
You are right admin should not be used for web hosting at all in this case. Maybe some expert can correct me.
Re: How-to Protect server and separate accounts?
Nope, you got me a bit wrong. VestaCP install files and binaries with normal/unix way under root, apache2/nginx work with their rights. It's absolutly standart way. But user admin can use sudo and I see there security issue, if we place all your sites under this account and enable ssh for this user (disabled by default).uscreator wrote:All of the files on the Vestacp are installed unders 'admin' ???
This includes binaries and other things. ( like Apache, nginx, fail2ban ) all under 'admin'???
You are right admin should not be used for web hosting at all in this case. Maybe some expert can correct me.