mirror of
https://github.com/myvesta/vesta
synced 2025-08-20 21:34:12 -07:00
Update README.md
This commit is contained in:
dpeca
GitHub
parent
53f1c6b2bb
commit
77d66b4420
1 changed files with 1 additions and 2 deletions
|
|
@ -14,8 +14,7 @@ Features
|
||||||
+ Support for Debian 10 (previous releases are also supported)
|
+ Support for Debian 10 (previous releases are also supported)
|
||||||
|
|
||||||
+ You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
|
+ You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
|
||||||
+ After MyVesta installation just execute:
|
+ During installation you will be asked for secret URL for your hosting panel
|
||||||
+ `echo "<?php \$login_url='MY-SECRET-URL';" > /usr/local/vesta/web/inc/login_url.php`
|
|
||||||
+ Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
|
+ Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
|
||||||
+ You can see for yourself how mechanism was built by looking at:
|
+ You can see for yourself how mechanism was built by looking at:
|
||||||
+ https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
|
+ https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue