Set the permissions of the file to read only: chmod -w yourfilename.ext To change this for all files in a direcory: cd /your/directory chmod -R -w *
thanks But I mean for all my clients on my server i mean Hypothetical i don't want any user but any command in this filse like Disruption mod security
There's no problem if you don't give your users shell access (which is a security risk) and configure ProFTPd to not show files beginning with a dot (which is the default setting).
thanks falko But if penetrator able to disrupt protection Will hacked the sites and used the shell freely
If you chown the files to user and group root, then someone needs root priveliges to change the files.
how ido that i have new client every day ? how i make that by default i don't want any user but any command in this filse now or later ?
You could setup a cron job that executes a shell script on a regular base... like every 10 min or so... That shell script will then fetch all .htaccess files from a given directory (or maybe even subdirectories [but one level down is probably enough] and alter the ownership and file mode... The shell script would be something like this (needs to be tested!!!): Code: for FILE in "$(find /var/www -maxdepth 2 -name ".htaccess")" do # Echo the files found echo $FILE # Chown the files found # chown root.root $FILE # Chmod the files found # chmod 0755 $FILE done exit 0 This above script will search all /var/www plus it will go one directory down.... assuming that you have the setup something like this: /var/www --> /var/www/web1 --> /var/www/web2 --> /var/www/web3 If you have the user webfolder in something like this: --> /var/www/web3/html Then alter the maxdepth limitation... I'm not sure if the above example is already set to one level deep or not... Hence I did comment out the actual chownin and chmodding... first use the echo
