what is public, what is private?

Forum Moderators: phranque

Message Too Old, No Replies

what is public, what is private?

spammers seem to be sneaking in

mimerim

8:55 pm on Jun 19, 2003 (gmt 0)

it seems as though spammers are sneaking into directories that i've always thought they couldn't get to. i'm self taught on unix and not very advanced. i've always thought that anything above the "html" or "htdocs" directory was not accessible by anyone but me.

i understand that /usr/www/username/httpd/htdocs is public. can they get into httpd? for instance, can they get into httpd/data?

is this something i have to define in access.conf?

marcs

8:59 pm on Jun 19, 2003 (gmt 0)

Anything in DocumentRoot and in directories below it is accessible by anyone with a web browser (unless you protect certain areas).

No one should be able to get to anything above DocumentRoot with a web browser.

mimerim

9:19 pm on Jun 19, 2003 (gmt 0)

even if ServerRoot is set to /usr/www/username/httpd/?

DocumentRoot is set to /usr/www/username/httpd/htdocs. i'm just really stumped as to how spammers are getting addresses located in /usr/www/username/httpd/data.

and thanks for your help. :)