Setting up a VPS to host Joomla 1.5 securely

Hi,

Here is what I found about server setup to run joomla, some are instructions, some are questions that I will let you dedice upon for me and action if you want:

A/

.HTACCESS:


I don't know if htat should be in the server's .htaccess or at account level but that's how it should be I guess:

This is something i can do myself for account level but you're welcome to comment on this part:

1/

#Prevent Cross Site Scripting (XSS) Attacksphp_flag allow_url_fopen off

#Prevent Code Injection Attacksphp_flag magic_quotes_gpc on#Note that although the magic_quotes_gpc directive adds a layer of security, for performance reasons it is not considered a best practice. If you have verified that your site correctly filters and validates all user data (and every production site really should), then there is no need to add this directive. If you have any doubt, add it.

2/

########## Begin - Rewrite rules to block out some common exploits## Block out any script trying to set a mosConfig value through the URLRewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]# Block out any script trying to base64_encode crap to send via URLRewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]# Block out any script that includes a tag in URLRewriteCond %{QUERY_STRING} (\|%3E) [NC,OR]# Block out any script trying to set a PHP GLOBALS variable via URLRewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]# Block out any script trying to modify a _REQUEST variable via URLRewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})# Send all blocked request to homepage with 403 Forbidden error!RewriteRule ^(.*)$ index.php [F,L]########### End - Rewrite rules to block out some common exploits


3/

###Block hot linking:RewriteEngine OnRewriteCond %{HTTP_REFERER} !^http://(.+\.)?securehotelbooking\.com/ [NC]RewriteCond %{HTTP_REFERER} !^$RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/no_hot_link.jpe [L]


4/#### APACHE: How do I block directory scans with .htaccess?

RewriteRule ^/*.*$ /index.php



B/

PHP.INI


1/

register_globals = 0

2/

disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open

3/

allow_url_fopen = 0

4/

magic_quotes_gpc = 1

5/

safe_mode = 1

6/

open_basedir = /dir/to/include/change/me



C/

MODULES:


1/

modsecurity 2.5.x ... no sure what settings


2/

use safeMode... ??? what will that bring??? if use, how can I turn it on or off?


3/

Follow the "Least Privilege" principle for running PHP using tools such as PHPsuExec, php_suexec or suPHPbut I'm nt sure about settings... how can I access settings fro that?


4/

Configure Apache mod_security and mod_rewrite filters to block PHP attacksplease tell me how to access settings for this too


5/

Be sure MySQL accounts are set with limited access. The initial install of MySQL is insecure; careful configuration is required


6/

TripWire or SAMHAIN or other



D/

QUESTIONS:


1/

Should PHP run as a CGI script or as an Apache module?There are two ways to configure Apache to use PHP:a. Configure Apache to load the PHP interpreter as an Apache module.b. Configure Apache to run the PHP interpreter as a CGI binary.What should I do? knowing that apparently I can't use .htaccess in the second case... but can replace with

php.ini settingsMy aim is maximum security...


2/

Edit the Apache user.conf file and tell apache to run under the FTP accountis that related / compatible / incompatible with suphp???


3/

find . -type f -exec chmod 644 {} \;find . -type d -exec chmod 755 {} \;would these lines work on the ssl of my vps?

4/

What is Nix shell? do I have that on my VPS?

I'm leaving now for the day, please start with what can be done and I'll follow up on your reply tomorrow

Kindly

Posted On: 04 Jun 2008 09:44 AM

, most of the «A» and «B» should secure account with Joomla installed.


C:

1. Already installed.


2. That will make PHP more secure, but will make all poorly-written PHP apps to stop working.


3. We can install suPHP for you. However, that may cause some problems to already installed PHP apps.


4. Mod_security is already configure to block most of the known attacks against PHP.


5. They already are.


6. We can install which ever you like more.


D:

1. Mod_php is the fastest way to run PHP scripts, suPHP is the most secure (but more CPU-hungry). All other ways can be considered useless, especially the CGI-way. It lacks suPHP security, cause some compatibility problems and not convenient to use.


2. Question is senseless.


3. Question is senseless.


4. It's a Unix shell (http://en.wikipedia.org/wiki/Unix_shell). Since your VPS is running Linux, which is a, roughly, flavor of UNIX, yes, you have it.




Egor M.

Support Dep.

Lagier

Posted On: 04 Jun 2008 10:30 PM


Hi,

thanks for your reply



- C/2: safemode... please go ahead and install it, but please tell me how i can turn it on and off


- C/3: go ahead and install suPHP for me but please tell me how i can look at the settings of it...


- C/6: you answered: "We can install which ever you like more."

can you advise on that.... you probably know the ones that can be useful to me


- question D/2/ senseless: what's this thing about having Apache running under FTP account?

do you mean it's useless to do so?


- D/4: Nix shell, please advise briefly on how to use


- also, before I start working on VPS, I know that there's something I should setup in Cron in order to use the "locate" function in ssh... can you do that for me please because I'm scared to do something like that


- How can I do to get the HFW support agent manual... VPS/WHM/VZPP manuals available are useless, online information on WWWs is generic and too wide... - what's the next step now? please feel free to install/setup the way you think best, i already confirm that yes, go ahead, in case you need to ask.... when you're wondering performance -Vs- Security: go for the security ^_^


Kindly





Posted On: 04 Jun 2008 11:42 PM

Hi ,


I will start suPHP installation on your server, and will set other things after I'm done with it.


I would just like to warn you, Joomla is not of the most secure CMSes available. All those settings on server should secure it, but there will still be possible vulnerabilities. After you install it, you should make sure to keep it on latest version all the time, and to apply all security patches when they are available.




Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 03:35 AM


greetings mr Tom,

actually I'm not sure if you're waiting for a sign of me to do the things or if they are ongoing...

just checking on status, sorry if i'm disturbing

Kindly




T

Posted On: 05 Jun 2008 03:40 AM

,


PHP is now running as suPHP module.

When you install Joomla, you will have to edit it's configuration to create new directories with 755 and files with 644 permissions.

I've enabled few security modules in WHM (cPhulk to block brute force attempts on FTP, cPanel and mail; open_basedir, to block scripts from accessing anything outside of account's home directory and some directories that scripts will need to work properly; disabled compilers for unprivileged users, so no user will be able to compile some script. That can be enabled per user level).


A1) - both has been configured on server level, in main php.ini

Other things under A should be done on account level, in .htaccess


All things under B are done. Please notice that phpinfo function is now disabled, so you won't be able to create phpinfo page. I would leave safe_mode off, because it might cause some problems. that function is mostly used to protect poorly written scripts.


For using shell, you should check some manuals and tutorials about basic shell commands:


http://www.webhostgear.com/35.html

or

http://www.sshcmds.com/


for instance.


I would just recommend changing root password, and setting SSH port to some other than 22.




Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 04:04 AM


hi,

thanks a lot, i'll study these webistes.


1/ when I go to WHM I get this error message:




Main >> Adding an A entry for server.rootshosting.net


Adding an A entry for server.rootshosting.net


The zone for the root domain rootshosting.net is missing, or could not be read. The ip address will be read from the webserver configuration and a new zone will be created for this subdomain.


Sorry, a DNS entry for server.rootshosting.net already exists, please delete it from your nameserver configuration file (named.conf) and the zone directory first.2/ when you say "and setting SSH port to some other than 22", is that something i do from WHM first or from my local connection software (putty) only?


3/ what are the other thigns I should prepare before I can start to work? what about that "thing to do" before I can use "locate" function in ssh?


4/ I guess ther'es still no way to get the HFW support agent manual ... just checking ^_^


5/ DNS: I intend to keep all accounts under shared for a while and host only 1 account under vps. In the future that account should become my most busy, most critical, most secure account. If I keep that account alone on VPS, is there a way to secure it even more?


6/ What should I do if I want to have a server on my machine run exactly like the VPS? can I clone the VPS on local machine? what software should I use to do so? I run windows XP but could install a linux on a separate partition... is there a magic tool to do that? or should I just forget it and just work with easy PHP and correct discrepencies at upload...?


thanks a lot for all your efforts for me

Kindly





QIK-756629Department: Level 3 SupportPriority: LowStatus: On Hold

Tom H.

Posted On: 05 Jun 2008 04:25 AM

,


That error is displaying in WHM because A record for hostname is not set. To set it properly, best option would be to create account for main domain (rootshosting.net) first. After that A record can be automatically added from WHM.


We can setup cronjob that will run updatedb command every few days (that command is updating files indexes, so you are able to use locate command). That cron should run in time when server is under low load, because it could iicrease loads while running.


>> 4/ I guess ther'es still no way to get the HFW support agent manual

- I am not sure what are you referring at here. We don't have one manual that all of us would use. And, simple list of commands would not be enough, you should understand what each command is doing on system. And, best way would be to start learning basics.


Which account would you like to have hosted on VPS? Anyway, you should have main domain, rootshosting.net, hosted there. When account is created, we should setup nameservers on VPS (if I remember well, nameservers are already registered on registrar side). then after you move account on VPs, just use private nameservers for it. And, all other can keep using our nameservers, so they could resolve to reseller.


If you would need "copy" of your VPS at home, you should install CentOS Linux on some computer. Then you should install cPanel there. Some things on your VPs are installed with our custom builders, or directly from application source, instead using cPanel builders. Our builders showed more stable than some that cPanel provides.



Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 04:56 AM


Hi,

thanks for reply


I'm learning... slowly... but learning ^_^


how to create main account? the same way I create a normal accounts?

website rootshosting.net is on shared and can stay there for now... is that going to bring confusion?

VPS will host securehotelbooking.com only for now

should it also host rootshosting website?


yes, can you can create the cron job for me please, at 1 or 2am USA eastern time, daily or less, should be fine


I'm not yet able to connect ssh now, I get error message saying that server.rootshosting.net doesnt' exist... i guess it's because of the A entry thing... also... is it from the putty interface that I change the ssh port 22 ??? or do I need to set that up from WHM first?

Any other settings/preference I should communicate to you to complete the VPS setup?


Kindly





Posted On: 05 Jun 2008 06:37 AM

,


I've setup updatedb to run once a week, every sunday at 2AM. That should be enough. And, you can allways run it manually if needed.

You won't be able to connect to server via hostname now, only via IP.


If you plan to keep server.rootshosting.net hostname, and use ns1.rootshosting.net and ns2.rootshosting.net nameservers for all domains on VPs, that domain should be hosted on server. That way you would avoid mail delivery problems.

If you would host only securehotelbooking.com there, best option would be to change hostname to server.securehotelbooking.com, and to use ns1/ns2.securehotelbooking.com


It would be good to change SSH port from 22 to some other one. We can change that for you.


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 06:45 AM


hi,

ok, I'll move rootshosting back to VPS

This website can be pure html anyway, no problem

should I create a standard account for it?


yes, please change port for ssh to whatever you think bestI'm waiting for your reply to start to work


Kindly





Posted On: 05 Jun 2008 06:55 AM

,


SSH port is changed to 123

Yes, you should just create account for rootshosting.net in WHM. After that we will setup nameservers in DNS zone, and add A record for hostname.


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 07:03 AM


hi,

account rootshosting.net created

will update now from registrar side now too

waiting for your 'GO' to work on securehotelbooking

Thanks




 

Posted On: 05 Jun 2008 07:07 AM

,


Nameservers are configured on server now:


66.225.216.125 ns1.rootshosting.net

66.225.216.126 ns2.rootshosting.net



Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 07:12 AM


hi,

one more question out of curiosity:

ip ---> dns right?

what's the deal if I assign dedicated ip 66.225.216.127 for securehotelbooking

... on registrar side I'll put ns1 and ns2.rootshosting.net for securehotelbooking

or should I create another dns for IP 66.225.216.127?

I think not... but I got to make sure ^_^

Kindly




 

Posted On: 05 Jun 2008 07:21 AM

,


You won't have to create any new nameservers if domain is on dedicated IP.

Even if dedicated IP is assigned to nameserver, it can still be used for some account.

So, you would only ahve to assign ns1/ns2.rootshosting.net for securehotelbooking in registrar, and that should do it.


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 05 Jun 2008 09:25 PM


hi,

Fantastico is not installed on cpanel for domains under vps

Could you put it up please

Kindly




T

Posted On: 05 Jun 2008 11:01 PM

Hello,


Fantastico De Luxe has been installed. Your root password appears to have been changed about half way through the install, however, so I wasn't able to activate Fantastico in the WHM features list. You should do this for the lists you want to include Fantastico on.


Best Regards,

Erik R.

HFW Level 3 Support

Lagier

Posted On: 05 Jun 2008 11:22 PM


hi,

sorry for changing password, I didnt think it'd affect your work


fantastico is enabled in defaulf feature list (in package menu right?)

and I created a main package using default feature ist

assigned this package toaccount

but fantastico doesn't show in this account's cpanel


I put back the former password so you can login again

Kindly




T

Erik R.

Posted On: 05 Jun 2008 11:33 PM

Hello,


Fantastico appears to be installed and activated properly. Can we have the cPanel password for that account so we can test it further?


Best Regards,

Erik R.

HFW Level 3 Support

Tom H.

Posted On: 06 Jun 2008 12:10 AM

,


If you're installing Joomla, I would advise you not to do it from Fantastico. Fantastico does not have up to date versions provided every time.

You should at least install it manually (download installation from their site, and install on account manually).


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 06 Jun 2008 01:21 AM


hi,

yes, I intended to upgrade directly after install


but


since we got suphp on (I think it's the reason) I can't use flags in htaccess and other things than flags...


is there a way that I can put the following lines without putting the website off:


*************************


#Prevent Global Variable Injection Attacksphp_flag register_globals off

#Prevent Cross Site Scripting (XSS) Attacksphp_flag allow_url_fopen off

#Prevent Code Injection Attacksphp_flag magic_quotes_gpc on

# Block out any script trying to set a mosConfig value through the URLRewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]# Block out any script trying to base64_encode crap to send via URLRewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]# Block out any script that includes a tag in URLRewriteCond %{QUERY_STRING} (\|%3E) [NC,OR]# Block out any script trying to set a PHP GLOBALS variable via URLRewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]# Block out any script trying to modify a _REQUEST variable via URLRewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})# Send all blocked request to homepage with 403 Forbidden error!RewriteRule ^(.*)$ index.php [F,L]

###Block hot linking:RewriteEngine OnRewriteCond %{HTTP_REFERER} !^http://(.+\.)?securehotelbooking\.com/ [NC]RewriteCond %{HTTP_REFERER} !^$RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/no_hot_link.jpe [L]

#### APACHE: How do I block directory scans with .htaccess?

RewriteRule ^/*.*$ /index.php


****************************


Kindly




 

Posted On: 06 Jun 2008 01:25 AM


Also I forgot, can you put the Ioncube loader please:


"Site error: the file /home/hotelboo/public_html/jomres_webinstall.php requires the ionCube PHP Loader ioncube_loader_lin_4.4.so to be installed by the site administrator"


Kindly


Tom H.

Posted On: 06 Jun 2008 01:25 AM

,


#Prevent Global Variable Injection Attacksphp_flag register_globals off

#Prevent Cross Site Scripting (XSS) Attacksphp_flag allow_url_fopen off

#Prevent Code Injection Attacksphp_flag magic_quotes_gpc on


All that is set in main php.ini, on server level. you don't have to add that in .htaccess.


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 06 Jun 2008 01:59 AM

Also I forgot, can you put the Ioncube loader please:


"Site error: the file /home/hotelboo/public_html/jomres_webinstall.php requires the ionCube PHP Loader ioncube_loader_lin_4.4.so to be installed by the site administrator"


Kindly


Tom H.

Posted On: 06 Jun 2008 02:12 AM

,


Ioncube loader is installed:


PHP 4.4.8 (cgi) (built: Jun 5 2008 01:09:23)

Copyright (c) 1997-2008 The PHP Group

Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies

with the ionCube PHP Loader v3.1.32, Copyright (c) 2002-2007, by ionCube Ltd., and

with Zend Extension Manager v1.2.0, Copyright (c) 2003-2007, by Zend Technologies

with Zend Optimizer v3.3.0, Copyright (c) 1998-2007, by Zend Technologies


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 06 Jun 2008 03:10 AM

hi,

I came upon a strange issue working on hotelboo website

some files are un-accessible in /home/hotelboo/public_html/components/com_jomres/libraries/PHPMailer_v2.0.0/


strangely this folder (and this one only as far as I know) displays different settings according to the way I look at it

with virtuozzo files and folders show normally, chmod appears 644 and files are editable

from cpanel I don't see difference between files and folder, chmod appear 000 and files are not editable


I could re-install the whole thing but really I dont understand why we dont' see the same thing from vzpp and cpanel


Kindly



Attachments virt_vs_cpanel.jpg (74.48 KB)

Tom H.

Posted On: 06 Jun 2008 03:30 AM

,


this is strange. To be honest, I am not sure what could cause this. Files have proper permissions, so cPAnel is reporting it wrongly. If I remember correctly, that was happening before server rebuild too.

I would say that is some cPanel bug, I can't see what else could cause it. VZPP is sowing permissions on files properly, as they are:


-bash-3.00# ls -al /home/hotelboo/public_html/components/com_jomres/libraries/PHPMailer_v2.0.0/

total 128

drw-r--r-- 3 hotelboo hotelboo 4096 Jun 6 02:14 .

drwxr-xr-x 8 hotelboo hotelboo 4096 Jun 6 02:14 ..

-rw-r--r-- 1 hotelboo hotelboo 26925 Jun 6 02:14 LICENSE

-rw-r--r-- 1 hotelboo hotelboo 51515 Jun 6 02:14 class.phpmailer.php

-rw-r--r-- 1 hotelboo hotelboo 32450 Jun 6 02:14 class.smtp.php

drw-r--r-- 2 hotelboo hotelboo 4096 Jun 6 02:14 language

-bash-3.00# ls -al /home/hotelboo/public_html/components/com_jomres/libraries/PHPMailer_v2.0.0/language/

total 92

drw-r--r-- 2 hotelboo hotelboo 4096 Jun 6 02:14 .

drw-r--r-- 3 hotelboo hotelboo 4096 Jun 6 02:14 ..

-rw-r--r-- 1 hotelboo hotelboo 1150 Jun 6 02:14 phpmailer.lang-br.php

-rw-r--r-- 1 hotelboo hotelboo 1090 Jun 6 02:14 phpmailer.lang-ca.php

-rw-r--r-- 1 hotelboo hotelboo 1117 Jun 6 02:14 phpmailer.lang-cz.php

-rw-r--r-- 1 hotelboo hotelboo 1246 Jun 6 02:14 phpmailer.lang-de.php

-rw-r--r-- 1 hotelboo hotelboo 1117 Jun 6 02:14 phpmailer.lang-dk.php

-rw-r--r-- 1 hotelboo hotelboo 1062 Jun 6 02:14 phpmailer.lang-en.php

-rw-r--r-- 1 hotelboo hotelboo 1141 Jun 6 02:14 phpmailer.lang-es.php

-rw-r--r-- 1 hotelboo hotelboo 1149 Jun 6 02:14 phpmailer.lang-et.php

-rw-r--r-- 1 hotelboo hotelboo 1197 Jun 6 02:14 phpmailer.lang-fi.php

-rw-r--r-- 1 hotelboo hotelboo 1238 Jun 6 02:14 phpmailer.lang-fo.php

-rw-r--r-- 1 hotelboo hotelboo 1162 Jun 6 02:14 phpmailer.lang-fr.php

-rw-r--r-- 1 hotelboo hotelboo 1106 Jun 6 02:14 phpmailer.lang-hu.php

-rw-r--r-- 1 hotelboo hotelboo 1352 Jun 6 02:14 phpmailer.lang-it.php

-rw-r--r-- 1 hotelboo hotelboo 1177 Jun 6 02:14 phpmailer.lang-ja.php

-rw-r--r-- 1 hotelboo hotelboo 1116 Jun 6 02:14 phpmailer.lang-nl.php

-rw-r--r-- 1 hotelboo hotelboo 1042 Jun 6 02:14 phpmailer.lang-no.php

-rw-r--r-- 1 hotelboo hotelboo 1199 Jun 6 02:14 phpmailer.lang-pl.php

-rw-r--r-- 1 hotelboo hotelboo 1120 Jun 6 02:14 phpmailer.lang-ro.php

-rw-r--r-- 1 hotelboo hotelboo 1137 Jun 6 02:14 phpmailer.lang-ru.php

-rw-r--r-- 1 hotelboo hotelboo 1093 Jun 6 02:14 phpmailer.lang-se.php

-rw-r--r-- 1 hotelboo hotelboo 1119 Jun 6 02:14 phpmailer.lang-tr.php



Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 06 Jun 2008 03:37 AM


hi,

souldn't we re-install cpanel then?

...

could it be some incompatibility between certain versions of cpanel or other things in the server Vs this extension?

I never saw taht before and it seems that it's happening recurrently...

...

last time it was happening on the whole domain, but now it's inside that newly installed extension...

also last time I didnt match records with vzpp records


nothing to do I guess but try to re-install cpanel :S

or u think it's not necessary?

Kindly






 

Posted On: 06 Jun 2008 03:44 AM


update

this folder is un-accessible through ftp as well...




 

Posted On: 06 Jun 2008 03:51 AM

,


Could you please provide password for that account, to test FTP.

Joomla is freshly installed? Have you installed it from Fantastico, or manually?


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Alex T.

Posted On: 06 Jun 2008 03:53 AM

Greetings,


Please hold on. Working on it.


Alex T.

Level3 Support Dep.

Lagier

Posted On: 06 Jun 2008 04:05 AM



freshly installed j! 1.5.2 from fantastico, not yet patched to j! 1.5.3

also instaled com_jomres which required ioncube....




Posted On: 06 Jun 2008 04:42 AM

Greetings,


Your cPanel was upgraded.


Alex T.

Level3 Support Dep.

Lagier

Posted On: 06 Jun 2008 04:48 AM


hi,

issue remains

Kindly




 

Posted On: 06 Jun 2008 05:01 AM



ok now

I wish I knew what you did... what was the problem? not cpanel for sure

thanks a lot though


Tom H.

Posted On: 06 Jun 2008 05:16 AM

,


My fault, I haven't noticed it earlier. Directory had 644 permissions, and you can't access directory via FTP if it doesn't have executable bit enabled. I've changed permissions of directory to 755.

It seems that Joomla set wrong permissions to it when it was installing component.

You should check that it's set to create directories with 755 permissions.


Best regards,

Tom H.

Inc.

Please send us your comments @ customer.care@.com

Lagier

Posted On: 06 Jun 2008 05:24 AM


hi, thanks a lot for the explanation (it doesnt' explain why files were showing 000 though, but it's working now, it's all that matters) but i can't connect ssh using server.rootshosting.net anymore :( eventhough account rootshosting has been set)using IP is ok.not a major issue, the important is that i can connect.. but something has changed Kindly



 

Posted On: 06 Jun 2008 05:27 AM

,


Those wrong permissions were causing problems for cPanel File manager to read that directory properly, that is why it was showing completely wrong permissions on it.

It could be that your hostname is still not fully propagated on your side, it's pointing to proper IP on my end.

You should be able to access it via IP.

This website uses Cookies