Difference between revisions of "Moving sensitive files outside the web root"
From Joomla! Documentation
(→Symlinks defeat this.: new section) |
|||
| Line 2: | Line 2: | ||
Can the same kind of security not be reached using a symlink on *nix systems? So you place the configuration.php above the webroot and place a symlink from the original position to the new place of the configuration.php? | Can the same kind of security not be reached using a symlink on *nix systems? So you place the configuration.php above the webroot and place a symlink from the original position to the new place of the configuration.php? | ||
| + | |||
| + | == Symlinks defeat this. == | ||
| + | |||
| + | Normally, web servers will follow symlinks. (although this is configurable on most web servers.) | ||
| + | |||
| + | If you move files out of the web root and make a symlink to them the files are still readable by the world. | ||
| + | |||
| + | The advantage of moving read only files out of the web root and making a symbolic link to them is that it allows you to segment your auditing of your server, and allows things as simple as find -type f to locate all files to be audited after a suspected intrusion. | ||
| + | |||
| + | Further more, symlinks can cause certain attacks to fail as they are based on assumptions that are not true. | ||
| + | |||
| + | I am a big fan of symlinks, but they are no substitute for not allowing access to the files in question. | ||
Revision as of 23:14, 22 March 2011
Using symlinks?
Can the same kind of security not be reached using a symlink on *nix systems? So you place the configuration.php above the webroot and place a symlink from the original position to the new place of the configuration.php?
Symlinks defeat this.[edit]
Normally, web servers will follow symlinks. (although this is configurable on most web servers.)
If you move files out of the web root and make a symlink to them the files are still readable by the world.
The advantage of moving read only files out of the web root and making a symbolic link to them is that it allows you to segment your auditing of your server, and allows things as simple as find -type f to locate all files to be audited after a suspected intrusion.
Further more, symlinks can cause certain attacks to fail as they are based on assumptions that are not true.
I am a big fan of symlinks, but they are no substitute for not allowing access to the files in question.