Affordable Web Hosting with Excellent Customer Support internet connection free month hosting

SiteSafe from Internet Connection

The SiteSafe utility provides Internet Connection's Unix/Linux hosting customers with an excellent means of securing their websites and content. SiteSafe allows you to lower the access rights of your account. The reduced privileges apply to all scripts and pages on your site, including CGIs and PHP pages. Once these reduced privileges are in place, the files that make up your site can neither be modified nor deleted. This can dramatically reduce the number of problems that may occur as a result of buggy CGI and PHP applications.
SiteSafe also allows you to resume normal access rights at any time with a security token that is granted when SiteSafe is enabled, thus giving you the ability to make legitimate changes to your web site and applications.

Enabling SiteSafe

SiteSafe must be enabled via the command line interface of your account. If you are unfamiliar with using the command line interface, please consult the IC Tech. Ref. Document
Your Account's Command Line Interface. Once you have logged into your account you will be at your command prompt:
bash-2.04$
 
From this prompt, enter the command "sitesafe" to see the current status of SiteSafe:
bash-2.04$ sitesafe
sitesafe is off
bash-2.04$
 
To enable SiteSafe, simply type "sitesafe on" and hit enter. You should then see lines similar to the following:
bash-2.04$ sitesafe on
run this command to disable sitesafe:
sitesafe 57552077543e5cf8
bash-2.04$
 
It is VERY important that you save the alphanumeric key returned after turning sitesafe on, as you will need this key in order to turn sitesafe off.

Configuring SiteSafe

You must specify those directories that your web applications will need to retain access to when SiteSafe is enabled. These are any directories containing files that your web applications write to. Consult the documentation for your web applications to determine what directories must be writable. Once you have determined which areas should remain writable, they may be specified in a file which must be named ".sitesaferc", and placed in the root directory of your account. For example, if you wanted to allow modifications in the "ftpshare" directory and in the "uploads" directory, your .sitesaferc file would look like this:

ftpshare
uploads

Please note that only directories located within your root directory may be specified in the .sitesaferc file. Also keep in mind that if you have a directory that is writable via inclusion in your .sitesaferc file, all directories under it will also be writable. For example, if you had a subdirectory under "uploads" called "user1dir" it would be writable, given the .sitesaferc file show above. However, specifying uploads/user1dir in the .sitesaferc file instead of uploads would not work.

Disabling SiteSafe

You will need to disable SiteSafe to upload new files, change/delete existing files, or make any other changes to files and directories that are protected by it. Disabling SiteSafe must be done using your account's command line interface. Once you have logged into your account you may disable SiteSafe by typing "sitesafe" followed by the key you were given when you enabled SiteSafe, and hitting enter. For example:
bash-2.04$ sitesafe 57552077543e5cf8
bash-2.04$ sitesafe
sitesafe is off
bash-2.04$
 
If you forgot or misplaced your SiteSafe key, please contact the Support department to have our support technicians disable SiteSafe for you.

SiteSafe Conflicts

As SiteSafe prevents modifications to your files, there are some tools that will not work properly with SiteSafe. These tools are listed below:
  • SVFilter
    The spam and virus filter will not work properly with SiteSafe, thus SiteSafe cannot be enabled while one or more of your site's mailboxes are using the SVFilter. It will warn you should you try to enable it:
    bash-2.04$ sitesafe on
    sitesafe is incompatible with the svfilter (presently)
    bash-2.04$
     
    You must first disable your email spam and virus filtering via the netConsole before enabling SiteSafe.
  • General SiteSafe netConsole Conflicts
  • Most other netConsole features will not currently work with SiteSafe, as these features require the ability to create and/or modify files, which SiteSafe prevents.

SiteSafe Quick Reference

  • sitesafe
    -Displays the current status of SiteSafe
  • sitesafe on
    -Enables SiteSafe and returns an alphanumeric key which must be used to disable SiteSafe
  • sitesafe key
    -Disables SiteSafe (where key is the alphanumeric key provided when SiteSafe is enabled)

Related Items