News
Shared Server Security Notice Regarding .htaccess Files
Posted by Brian Ellwood on 03 June 2015 10:42 AM

This notice affects all users on our cPanel based shared hosting services.

There has been an uptake in 500 errors relating to invalid settings within .htaccess files.

The following directives are not valid and will cause 500 errors:

 

Options All

Options +FollowSymLinks

Options +SymLinksIfOwnerMatch

 

...or any combination of those options.

 

This was previously not aggressively enforced however we are now explicitely denying traditional symlinks and explictely forcing secure symlinks.

By enforcing these options, CMS software such as Wordpress/Joomla/etc which are often the target and victim of malware infections are now much more secure along with the server itself.

 

Please ensure your .htaccess files are properly configured to avoid any issues by removing any of these directives from your .htaccess files.

 

Should you have questions, please feel free to open a support ticket.


Powered by TurnKey Internet