Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

client denied by server configuration - attempt by hackers
 
pooniraja
Jr. Member
 
Total Posts:  26
Joined:  2007-12-22
 

The bum(s) tried it again today

Here are their IP addresses:
195.242.99.96
78.109.20.194
205.209.127.247

Lately I have had a lots of “client denied by server configuration” messages and orders have stopped coming in.

Here are two examples:
====================
[error] [client 78.109.20.194] client denied by server configuration: /home/gi/public_html/downloader/pearlib/download/Mage_Core_Modules-1.1.4/Mage/Sales/Model/Mysql4/Quote/Address/Attribute/76478.php

[error] [client 195.242.99.96] client denied by server configuration: /home/gi/public_html/downloader/pearlib/download/Interface_Frontend_Default-1.2.0.1/frontend/default/default/template/downloadable/checkout/cart/item/168286.php
=====================
Upon googling these IP’s I found that quite a few people are unhappy about these IPs.

Any suggestions about security.

Can the one lock down downloader directory, and then change permissions temporarily when upgrades need to be performed?

Does any one have permission rules for all the directories??

Thanks

 
Magento Community Magento Community
Magento Community
Magento Community
 
Sindre|ProperHost
Mentor
 
Avatar
Total Posts:  1158
Joined:  2008-04-24
 

Make sure the permissions on all your directories are set to chmod ‘755’ or ‘750’, and the permissions on all files to chmod ‘644’ or ‘640’. These permissions are safe. Also make sure all files and directories are owned by you (the account user).

To quickly apply these rules, enter the following commands via SSH from your Magento root directory:

find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
chown -R username:group .

Replace username and group with the user ID that PHP scripts are executed under.

Please note that the above only applies if you have some kind of suEXEC or suPHP enabled on the server. If PHP is handled by mod_php, all scripts are executed under the user ID of the web server process owner (a bad idea in a shared hosting environment), and those permissions may not work.

If you have a firewall, you may add those suspect IPs to the deny list, or you may be able to add IP blocks through your control panel.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top