Disable wget
Posted by adminJul 31
wget is one of the largest threats for your server security. A single abuser that gains access to wget can download and run any script that he wants, totally compromising your server.
It is highly recommended that you allow only root to use wget and you restrict all other users from it.
It is highly recommended that you allow only root to use wget and you restrict all other users from it.
- Login to your server as root
- Run the fallowing command
chmod 0700 /usr/bin/wget
Please note that disabling wget might cause some scripts to stop working. A known problem is that Fantastico will stop updating after this. The solution is pretty easy…
Before you disable wget make sure that you do a copy of it with the initial permissions. You can use any name that you want, the fallowing is just an example:
cp /usr/bin/wget /usr/bin/wget_secret
In the Fantastico configuration input the location to wget as:
/usr/bin/wget_secret
If for some reason you you want to revert the change you simply have to do:
chmod 0711 /usr/bin/wget
If you have any questions or suggestions please leave a comment.
2 comments
Trackback by Pokerplay.nu on January 8, 2011 at 1:22 am
Another Title…
I saw recently so sending a trackback to my site, thx again Si…
Trackback by Casino Fruit Machine on January 17, 2011 at 3:51 am
Thanks, found the article on google, nice post fella…
I saw recently so sending a trackback to my site, thx again Si…
You must be logged in to post a comment.