I wrote a small howto in the german corner for some users without a very good knowgledge to fix the security wholes in ispcp 1.0.5
So this is the translation of it, if you found any mistakes, please tell me, but i tested it on several machines and it worked well.
First we fix the security whole mentioned here:
http://isp-control.net/forum/thread-1122...l#pid84851
Code:
cd /var/www/ispcp/gui/client
Open and change the file
Search:
Code:
$query = "
SELECT
`sqlu_name`, `sqlu_pass`
FROM
`sql_user`
WHERE
`sqlu_id` = ?
";
Replace with:
Code:
$query = "
SELECT
`sqlu_name`, `sqlu_pass`
FROM
`sql_user`, `sql_database`, `domain`
WHERE
`sql_user`.`sqld_id` = `sql_database`.`sqld_id`
AND
`sql_user`.`sqlu_id` = ?
AND
`sql_database`.`domain_id` = `domain`.`domain_id`
AND
`domain`.`domain_admin_id` = ?
;
";
Search:
Code:
$rs = exec_query($sql, $query, $db_user_id);
Replace with:
Code:
$rs = exec_query($sql, $query, array($db_user_id, $_SESSION['user_id']));
Safe and exit.
Now we fix the security whole, mentioned here:
http://isp-control.net/forum/thread-1126...l#pid85150
Code:
cd /var/www/ispcp/engine
Open and change the file
Code:
nano ispcp-dmn-mngr
Search:
Code:
"--database=\"$db_name\"";
$rs = sys_command($cmd);
Replace with:
Code:
"--database=\"$db_name\"";
$rs = sys_command_rs($cmd);
Search:
Code:
"--database=\"$db_name\"";
$rs = sys_command($cmd);
Replace with:
Code:
"--database=\"$db_name\"";
$rs = sys_command_rs($cmd);
Search:
Code:
"--database=\"$db_name\"";
$rs = sys_command($cmd);
Replace with:
Code:
"--database=\"$db_name\"";
$rs = sys_command_rs($cmd);
Safe and exit.
So lets go on
Code:
cd /var/www/ispcp/engine/backup
Open and change the file
Code:
nano ispcp-backup-all
Search
Code:
$rs = sys_command($db_backupcmd);
Replace with
Code:
$rs = sys_command_rs($db_backupcmd);
safe and exit.
Last one.
Open and change
Code:
nano ispcp-backup-ispcp
Search
Code:
$rs = sys_command($db_backupcmd);
Replace with
Code:
$rs = sys_command_rs($db_backupcmd);
Safe and exit.
Now we delete all logfiles stored at /var/log/ispcp
(i know there are better ways, but i think its the method, where people without much knowglede can't make any mistakes)
Code:
mkdir ispcp-arpl-msgr
Code:
chmod 750 ispcp-arpl-msgr
Code:
chown vmail:mail ispcp-arpl-msgr
Now ispCP should be secure again