Re: virtual host

To: Pol Hallen <deben@fuckaround.org>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: virtual host
From: alberto fuentes <pajaro@gmail.com>
Date: Wed, 3 Jul 2013 20:58:35 +0200
Message-id: <[🔎] CALkubT6eGDgVumWfDUt+ZyOg=MudQ3cyCdmNWuxi5eRQtoyDZw@mail.gmail.com>
In-reply-to: <[🔎] 51D4721E.8060306@fuckaround.org>
References: <[🔎] 51D1B861.80501@fuckaround.org> <[🔎] CALkubT44GgELBWmbAdAT49V3BoJ=XKdCAdnfTJPqxmS6d9rdwg@mail.gmail.com> <[🔎] 51D4721E.8060306@fuckaround.org>

On Wed, Jul 3, 2013 at 8:49 PM, Pol Hallen <deben@fuckaround.org> wrote:
> I mean users owner of own virtual host can see own logs.
>
> But if there're any security problem by log I prefer deny access to
> error.log (and permit only access.log [also for purpose statitics])

How are you going to allow read access to owner of virtualhost?
does it have some user in that machine? does he have ftp access to
virtualhost documentroot?
Are you just going to send him the logs somewhere outside your server?

I guess it depends in how potentially hostile is this user towards
your server, but he will only be able to see the errors of his own
virtualhost... I dont really see a problem, but just take this as
amateur security advice  ;)

cheers

Reply to:

References:
- virtual host
  - From: Pol Hallen <deben@fuckaround.org>
- Re: virtual host
  - From: alberto fuentes <pajaro@gmail.com>
- Re: virtual host
  - From: Pol Hallen <deben@fuckaround.org>

Prev by Date: Re: apache (debian 7) missed chroot module
Next by Date: Re: systems hangs every few days
Previous by thread: Re: virtual host
Next by thread: Setting up simple VNC Server?
Index(es):
- Date
- Thread