One of my shared hosting servers running Plesk 12.5 was hacked from one vhost.
Scripts were uploaded into a compromised CMS, which created symlinks to config-files of all other vhosts on the server.
These symlinks were created using CGI/Perl. All files of other users were readable.
All this was made possible because of a simple .htaccess which enabled CGI and FollowSymLinks.
Right now I think I tackled the issue by configuring nginx to allow symlinks only to files of the same user.
But...
Possible security issue?
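Added example, not part of the original post: a Python audit that walks one vhost docroot and reports `.htaccess` lines that enable CGI or symlink following, plus symlinks that leave the docroot or resolve to a file owned by a different uid (the same-owner rule the post describes). The function names, the `site1`/`site2` layout and the file contents are constructed for illustration.

```python
import os
import tempfile

def risky_htaccess_line(line):
    """True if a line enables CGI or unrestricted symlink following."""
    parts = line.split("#", 1)[0].split()
    if not parts:
        return False
    directive, args = parts[0].lower(), [a.lower() for a in parts[1:]]
    if directive == "options":
        return any(a.lstrip("+") in ("execcgi", "followsymlinks", "all") for a in args)
    if directive in ("addhandler", "sethandler"):
        return "cgi-script" in args
    return False

def audit(docroot):
    """Return (kind, path, detail) tuples for risky .htaccess lines and symlinks."""
    root, findings = os.path.realpath(docroot), []
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow links
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                target = os.path.realpath(path)
                outside = os.path.commonpath([root, target]) != root
                # Dangling links have no target owner to compare against.
                foreign = os.path.exists(path) and os.stat(path).st_uid != os.lstat(path).st_uid
                if outside or foreign:
                    findings.append(("symlink", path, target))
            elif name == ".htaccess":
                with open(path, errors="replace") as fh:
                    findings += [("htaccess", path, l.strip())
                                 for l in fh if risky_htaccess_line(l)]
    return findings

def build_sample(base):
    """Constructed layout: one tenant docroot linking to another tenant's config."""
    site, other = os.path.join(base, "site1"), os.path.join(base, "site2")
    os.makedirs(site); os.makedirs(other)
    with open(os.path.join(other, "config.php"), "w") as fh:
        fh.write("<?php // constructed placeholder\n")
    with open(os.path.join(site, ".htaccess"), "w") as fh:
        fh.write("Options +FollowSymLinks +ExecCGI\nAddHandler cgi-script .pl\n")
    os.symlink(os.path.join(other, "config.php"), os.path.join(site, "x.txt"))
    return site

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit(build_sample(tmp)):
            print(*finding)
```

Run `audit()` once per docroot; the owner comparison only produces results when the process can `stat` the link targets, so it is meant to run as root or from a monitoring account.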