ConfigServer Community Forum

You can add it yourself if you under stand perl regex handling in /etc/csf/regex.pm, otherwise i'll put it on the wishlist.

You would have to enable phpsuexec to prevent users browsing outside of their accounts like that. That's one of the major security flaws with PHP.

This should now be fixed in v2.61

chenull wrote:but it doesnt work or i just missconfigured it ?

It won't work - there's no such functionality in the advanced port blocking.

I'll put it on the bug list to investigate.

Actually, just checked, it's corrected in v1.4

You're right, it should be cmd:

You'd have to whitelist it by adding the following line to csf.pignore:

cwd:/usr/bin/php cron.php

It'd changed after some work with mod_security v1. I've reverted it back to how it was for csf v2.54 now

I haven't as I don't have access to a Debian server, but would be interested to know if anyone has too.