Depending on what you are trying to do layout pages could be better. The fact that it is displayed inside an iframe or not is irrelevant. This is a much better solution, as the logs are compressed and stored in each user account, but VERY time consuming if you have a ton of users. iframes are a client side mechanism so either you have access to a page or not. The other option is to go into each cPanel under "raw access logs" and enable archiving. Shut off "delete each sites access logs after stats run." Currently that's the only supported way to enable apache access log archiving for all your users, but it kind of sucks because they never rotate and they're not compressed. ![]() If your domlogs (apache access logs) are being deleted every day (Which is default) you should disable that in WHM under tweak settings > stats and logs. However, occasionally they're added with PHP shells if it's done with PHP shells you need the apache access logs. I find most iframes are added with FTP logins that are compromised, so this is obvious in /var/log/messages. Check your FTP logs, and check the apache domlogs for the time stamps when the files with bad iframes were last modified. The sandbox attribute of the iframe element is a useful security feature for iframes. Trying to prevent them from being served is a moot point, since if they are there, your account is probably compromised. Safari discards cookies set in iFrame for its own security purposes, so it is not possible to use them on different websites. You need to determine how the iframes are being added to the files. Reason 3: Security issues with iframe integration Using iframes with Safari has some security limitations. It could probably be done, but it's not the best solution for your problem in my opinion. ![]() By default, the restricted sites zone is. Blocking the iframes themselves would probably require output filtering with modsec, unfortunately most rules I deal with are for preventing inbound requests not data output. Applies the users Restricted Sites Internet Explorer security zone settings to an individual frame or iframe.
0 Comments
Leave a Reply. |