Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicSecurity
Properties
Category Security
Tags autossl, .htaccess, transfer tool, pkgacct

Add an option to allow bypassing restrictive user account .htaccess permissions

cp_Sky shared this idea 8 years ago
Open Discussion

In some utilities in cPanel, such as the pkgacct or AutoSSL, a restrictive .htaccess utilizing 0444 permissions will cause these to fail to address/adjust this resource during these operations :


  1. Cpanel::Transaction::File::Base::new("Cpanel::Transaction::File::Raw", "path", "/home/ourUserName/public_html/.htaccess", "permissions", 420) called at /usr/local/cpanel/Cpanel/HttpUtils/Htaccess.pm line 449
  2. [2016-10-14 01:22:08 +0300] Fixing up EA4 .htaccess blocks: /home/ourUserName/public_html/.htaccess (failed) Done.


It might be useful for some to allow cPanel to attempt to determine if this seems like it should be able to be adjusted, perhaps in the nature of a Tweak Setting.


I have seen many hosting providers utilize 0000/chattr immutable permissions to keep compromised accounts from making malicious redirects, so perhaps it should not be made to ambitious, but perhaps try to detect for only a somewhat restricted .htaccess, or simply adjust it only temporarily for whatever process is at issue, then set it back to it's previously set permissions.

1 I like this idea 0  
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.