Resolved Plesk panel apache fallowsymlink close

GiRGiN

GiRGiN

New Pleskian
This problem is inevitable especially in dealer accounts where the Plesk panel can be a bit of a hassle to turn off fallowsymlink on a server basis.
Attackers can create and read files on other accounts.

To turn off the fallowsymlink directive on a server-by-server basis, follow these steps.


Open the file via SSH or ftp.
Code: 
nano /etc/httpd/conf.d/userdir.conf

Add the following commands to the last line.
Code: 
<Directory "/var/www/vhosts/*/httpdocs">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

<Directory "/var/www/vhosts/*/*/">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

Reload the Apache server.
Code: 
service httpd reload
 
You must log in or register to reply here.

Similar threads

D
Resolved mysql: Deprecated program name. It will be removed in a future release, use '/usr/bin/mariadb' instead
Replies
3
Views
3K
Dagalidis
D
Bod
Question Upstream Apache directive blocking .htaccess file directives
Replies
5
Views
8K
Bod
Bod
D
Input How to run Magento 2 on Plesk Obsidian 18 without Docker
Replies
8
Views
8K
Isolde
I
TimReeves
Resolved Webmail - PHP not working, file downloaded not executed
Replies
2
Views
3K
aslotta
aslotta
F
Resolved FastCGI PHP 500 Internal Server Error cgi_wrapper failed to setgid
Replies
1
Views
5K
Fabrizio
F
Back
Top