April 13th, 2010, 08:49 PM
Originally Posted by malesef
I have question if you dont mind mee ask.
I have apache, ftp and mysql installed in centos.
when you enter the http : // ip address
Apache gets the user name and password on page , checks with mysql and opens ftp to user
however if I type the http : // ip address/ftp/ I am able to access all data without entering user and password which is kind of an open gate that we do not want.
basically user ftp directory is /var/www/ftp and whoever types my server url and adds /ftp , he is able to see all ftp content. I do not know it is apache or ftp user issue
I think I am missing somethings.
Do you guys have any idea about that?
all suggestions are more than welcome.
thank you in advance
What exactly is http://ip address/ftp ? How is your FTP server set up? Going to http
:// will display a web page (or files). You can deny access to directory listings via Apache if this is what you want.
However, if you meant that you typed ftp
://ip address/ftp, then my question would be: When did you try this? If immediately after ftp://ip address, then the user/pass was probably stored on the machine (cookie or whatnot).
"I don't need to get a life. I'm a gamer. I have lots of lives!"