RedHatVN Network » Disable wget http://redhatvn.net Shared Linux problems Tue, 07 Sep 2010 08:08:35 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Disable wget http://redhatvn.net/disable-wget http://redhatvn.net/disable-wget#comments Fri, 31 Jul 2009 16:58:40 +0000 admin http://redhatvn.net/?p=37 wget is one of the largest threats for your server security. A single abuser that gains access to wget can download and run any script that he wants, totally compromising your server.
It is highly recommended that you allow only root to use wget and you restrict all other users from it.

It is highly recommended that you allow only root to use wget and you restrict all other users from it.

  1. Login to your server as root
  2. Run the fallowing command

    3. chmod 0700 /usr/bin/wget

Please note that disabling wget might cause some scripts to stop working. A known problem is that Fantastico will stop updating after this. The solution is pretty easy…
Before you disable wget make sure that you do a copy of it with the initial permissions. You can use any name that you want, the fallowing is just an example:

cp /usr/bin/wget /usr/bin/wget_secret

In the Fantastico configuration input the location to wget as:

/usr/bin/wget_secret

If for some reason you you want to revert the change you simply have to do:

chmod 0711 /usr/bin/wget

If you have any questions or suggestions please leave a comment.

]]> http://redhatvn.net/disable-wget/feed 1