mod_userdir

Shared

Because of this module, cPanel clients often think that they have been hacked, when in fact this is not true.

Apache mod_userdir allows any person to display their own web content on another person's domain name by placing "~username" at the end.

The actual content in these cases is hosted from the trailing user name and not the domain name, which so far has not been compromised.

EXAMPLE

So if my domain name is "bigjerk.com" and my user name is "big", I can list any other domain name that shares a server with me (e.g. "notavictim.com") and place my user name at the end like so...

http://notavictim.com/~big/

This will display the "bigjerk.com" website, but looks like the content belongs to "notavictim.com".

This feature is difficult to disable, so we normally do not.

  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

.htaccess guidance

.htaccess is a special Apache file that tells your website how to function. You can edit the...

About Apache

Apache is the program on our servers used to view web pages. What are the maximum number of...

Apache Directives for .htaccess

Here is a list of the Apache Directives you can use in the .htaccess file. AddCharSet: Maps...

Apache mod_rewrite and examples

What is mod_rewrite? Mod Rewrite allows you to change the URL that everyone sees when they visit...

Apache Virtual Host

Apache Virtual Host can be managed on a dedicated server. <VirtualHost 74.54.217.194:80>...