Hello all. I have a customer that purchased on of my scripts and
attempted
to install it on their server. This script, among other things, FTPs a
text file
from a central server. When we tried to run my script, it simply
stops. No
errors, no nothing. I talked to his host and found out that
On Wednesday 12 February 2003 02:54, Christopher Ditty wrote:
Hello all. I have a customer that purchased on of my scripts and
attempted
to install it on their server. This script, among other things, FTPs a
text file
from a central server. When we tried to run my script, it simply
stops.
On Tuesday 11 February 2003 02:11 pm, Jason Wong wrote:
On Wednesday 12 February 2003 02:54, Christopher Ditty wrote:
Hello all. I have a customer that purchased on of my scripts and
attempted
to install it on their server. This script, among other things, FTPs a
text file
from a
Unfortunately, I can only get the file via FTP. I just want to know
where this other host got it's information.
Chris
Reuben D. Budiardja [EMAIL PROTECTED] 02/11/03
01:35PM
On Tuesday 11 February 2003 02:11 pm, Jason Wong wrote:
I agree with that. It's only a (potential) problem if you're
On Tue, 11 Feb 2003, Christopher Ditty wrote:
errors, no nothing. I talked to his host and found out that they do
not allow PHP FTP because it is a security risk. ? U, ok?
I consider FTP a security risk, period. (There /are/ ways to run an FTP
server securely, but I won't assume
On Tue, 11 Feb 2003, Chris Wesley wrote:
On Tue, 11 Feb 2003, Christopher Ditty wrote:
errors, no nothing. I talked to his host and found out that they do
not allow PHP FTP because it is a security risk. ? U, ok?
That said ... FTP is a protocol; there's nothing stopping you
Chris, Did you read the rest of the message? It sounds like the web
host is saying that
someone can access PHP FTP from an outside server and hack into the
server.
I am not trying to start a debate on whether or not people should send
passwords and
userids over plain text. Yes, that is a
--- Christopher Ditty [EMAIL PROTECTED] wrote:
This script, among other things, FTPs a text file from a central server.
When we tried to run my script, it simply stops. No errors, no nothing.
I talked to his host and found out that they do not allow PHP FTP because
it is a security risk.
script
that they have written.
James Hicks
-Original Message-
From: Christopher Ditty [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 11, 2003 3:34 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [PHP] PHP FTP a security risk?
Chris, Did you read the rest of the message
On Tue, 11 Feb 2003, Christopher Ditty wrote:
Chris, Did you read the rest of the message? It sounds like the web
Yes, I read your entire message.
host is saying that
someone can access PHP FTP from an outside server and hack into the
server.
That's precisely NOT what the hosting provider
On Wednesday 12 February 2003 07:46, Chris Wesley wrote:
On Tue, 11 Feb 2003, Christopher Ditty wrote:
Chris, Did you read the rest of the message? It sounds like the web
Yes, I read your entire message.
host is saying that
someone can access PHP FTP from an outside server and hack into
On Wed, 12 Feb 2003, Jason Wong wrote:
On Wednesday 12 February 2003 07:46, Chris Wesley wrote:
You access an FTP server with a user name and a password to retrieve a
file via PHP FTP. The user name and password is the same that grants
you access to your hosting providers server.
On Wednesday 12 February 2003 14:02, Chris Wesley wrote:
Why? What's a better argument? It's certainly just a piece of a much
larger argument, but avoiding a full-fledged lecture outside the immediate
context of the original question (and trying to keep it related to PHP
somehow) makes it
On Wed, 12 Feb 2003, Jason Wong wrote:
On Wednesday 12 February 2003 14:02, Chris Wesley wrote:
Why? What's a better argument? It's certainly just a piece of a much
larger argument, but avoiding a full-fledged lecture outside the immediate
context of the original question (and trying to
On Wednesday 12 February 2003 15:00, Chris Wesley wrote:
If you assume the users use FTP for uploads, then you have to assume the
hosting company is a band of hypocrites.
So the conclusion for the OP is simple:
If the host is allowing you to use FTP to upload your site then they are a
bunch
On Wednesday 27 November 2002 03:25, Richard Fox wrote:
To relate this to php, I am ready to give up
trying to make my
system(scp ..);
code work, because I will have to give the apache user more permissions
than I am comfortable with.
What exactly are the problems
My company, as a matter of policy, closes the ftp ports of the servers in the DMZ.
However, I am not convinced that this is necessary, given the advent of very secure
ftp servers. I would appreciate any comments on the security of an open ftp port. To
relate this to php, I am ready to give up
Rich,
Why don't you create an ssh tunnel between your two boxes and then
perform you ftp connection through there? This way, the connection would
be secure and you could impersonate whichever user you need to.
There is also a secure version of ftp, but I don't think that it can be
instantiated
On Wednesday 27 November 2002 01:42, Richard Fox wrote:
To relate this to php, I am ready to give up
trying to make my
system(scp ..);
code work, because I will have to give the apache user more permissions
than I am comfortable with.
What exactly are the problems you're encountering
To relate this to php, I am ready to give up
trying to make my
system(scp ..);
code work, because I will have to give the apache user more permissions
than I am comfortable with.
What exactly are the problems you're encountering using scp?
I created an apache user, which I
Marco,
Would you have any examples for using an SSH tunnel? I'm using fsockopen
to get data from proprietary server software (just returns data to me in
different formats) and I would like to have it secure. I'm just not sure
how I could incorporate that.
Thanks,
Bryan
On 26 Nov 2002,
21 matches
Mail list logo
