Login | Register
ID #1001

How do I prevent users from changing their domain specific Apache or DNS templates?

Keep your EHCP Force Edition (the following options are enabled by default in EHCP Force Edition, but NOT EHCP NORMAL) and normal edition secure!

It is recommended that you prevent non-administrative users from accessing or changing their domain specific Apache 2 or BIND DNS templates.  The Apache 2 templates are configured to provide additional security by using PHP open_basedir entries.  If a user is able to edit a template for a selected domain, the user might be able to remove these security enhancements essentially opening the entire system to all files owned by the Apache 2 user.  

To prevent this, login as admin.  Click on "Options". 

Click on Options

Next, click on "Edit/Change Options".

Click on Edit Change Options Link

Check the box next to:

Check the box to disable custom http or dns for non-admins

"Disable Custom http for non-admins" to prevent Apache 2 template changes

"Disable Custom dns for non-admins" to prevent BIND DNS template changes.

Tags: apache, apache2, break, change, changes, config, custom, dns, edit, editing, file, files, http, modification, modifications, modify, prevent, security, template

Related entries:

You can comment this FAQ