How to Prevent Symlink Attacks

ad Impact of Symlink - Suppose you own a small hosting company with a Linux Box, & 1337 sites are hosted there. If an attacker gains access to any single site on your server, he can easily create a symbolic link to / directory & then putting the document root afterwards it. Now the attacker can easily read sensitive files, that can be the configuration file of your billing system. Since, he has local access, now he can easily connect to the mysql & pwn all your clients, & the whole company.

How Symlink is Created - A basic linux command is used in creating symlink. i.e,

ln -s source_file link_name



                                     :: 0x02 Protecting ::

Patching Symlink-

1.Change the permission of /bin/ln to 400.

2.Locate php.ini by command- "Locate php.ini” (without quotes) Edit the main php.ini & disable  symlink & proc_open.

3.If you have a shared host, & it is vulnerable to symlink.Then, change the permission of your configuration files to 400. 

4.    Turn PHP safe_mode ON


php.ini-

Was this answer helpful?

 Print this Article

Also Read

How to change default SSH port?

Everyone knows 22 is the default SSH port. So it’s always good to change this default port...

How to install Linux Maldet Anti Sheller

This guide will walk you through installing LMD (Linux Malware Detect) on your VPS/Dedicated...

How to Install Anti DDOS on Server

You can secure your server just by using this 4 Lines codes: First download install package...

How to install mod_security on Apache 2.x

What is mod_security or modsecurity? ModSecurity is an open source intrusion detection and...

Disable shell access for unknown users

Suspect there are other users in your system that have shell access to your system? Please follow...