Security problem on my server...

On my server I have enabled in WHM (cPanel) mod_userdir for one my account and I use that for new users for temporary url http://www.my-domain.net/~new_user but I have big problem, for that url somebody can access to old account and cgi-bin and list content of cgi-bin, read files like data.db, data.txt etc. without any problem in browser, but in that files can be password and much more...why in this case cgi-bin don`t work like when somebody access to cgi-bin:
http://www.domain.com/cgi-bin/file.txt in this case must be internal server error (500)...

How I can fix this, how I can set for cgi-bin something like "open_basedir" for php?

Why cgi/perl scripts don`t work and why I can read content of files who don`t have extension .cgi?


Also, one more problem, on my server for my site I don`t use shared IP address like for other users and now when somebody access direct to my shared IP he can see first site in httpd.conf who use that shared IP!! How I can redirect that man to my site, also, I have that when somebody access to http://plain.myserver.net!

CAN SOMEBODY HELP TO ME?

SORRY IF MY ENGLISH BAD...

Thanks.

 

 

 

 

Top