If you are seeing “deny not allowed here” within your error logs .Try adding the following to your httpd conf file for the virtual site.
 [error] [client ::1] client denied by server configuration: /var/www/example.com/ <Directory /home/www/troublefolder>
Options Indexes FollowSymLinks MultiViews +Includes
allow from all
of course replace the trouble folder with the actual folder name . If you do not have access to the httpd conf file , you may need to ask your System Admin to do this for you.
*We need clarification on if this setting inherits to the sub folders.*
send me a message on twitter if you can assist with clarifying the above for me . Twitter
You can disable priorities in
/etc/yum/pluginconf.d/priorities.conf set enabled to 0
A Cautionary Note
Note: The upstream maintainer of yum, Seth Vidal, had the following to say about ‘yum priorities’ in September 2009:
Gosh, I hope people do not set up yum priorities. There are so many things about
priorities that make me cringe all over. It could just be that it reminds me of
apt ‘pinning’ and that makes me want to hurl.
This matter was discussed in more depth in the mailing list thread starting here. The Repositories article noted in that thread, which discusses the exclude and includepkg options for yum, is a better place to start in understanding priorities.
The primary concern is that priorities is heavy handed over removing packages from the transaction set. It makes it difficult to readily determine what packages are being ignored and why. Even so, it is very flexible and can be extremely useful to provide the largest available list of packages.
If you enable both of the SymLinksIfOwnerMatch and FollowSymLinks configuration settings, Apache becomes vulnerable to a race condition through symlinks. This symlink vulnerability allows a malicious user to serve files from anywhere on a server that strict OS-level permissions do not protect. The cPanel Hardened Kernel update provides Symlink Race Condition Protection.
Perpetrators use various methods, also referred to as ‘attack vectors’, to deliver cyberattacks. These attack vectors can be divided into two major categories: Either the attacker persuades the user to visit a malicious website, or he tricks him into running a malicious file on his computer.
Our research reveals a new possible attack vector, using a completely overlooked technique in which the cyberattack is delivered when movie subtitles are loaded by the user’s media player. These subtitles repositories are, in practice, treated as a trusted source by the user or media player; our research also reveals that those repositories can be manipulated and be made to award the attacker’s malicious subtitles a high score, which results in those specific subtitles being served to the user. This method requires little or no deliberate action on the part of the user, making it all the more dangerous.
Unlike traditional attack vectors, which security firms and users are widely aware of, movie subtitles are perceived as nothing more than benign text files. This means users, Anti-Virus software, and other security solutions vet them without trying to assess their real nature, leaving millions of users exposed to this risk. Read more
Kodi Team Response
You may have read in the news that malicious subtitle zip files could potentially infect and harm your media player including Kodi. When Check Point researchers uncovered this flaw they contacted us up front to let us know about this flaw. Our developers fixed this secuity gap and have added the fix to this v17.2 release. As such we highly encourage all users to install this latest version! Any previous Kodi version will not get any security patch. We have began the roll out of this version and Android Play Store as well as Windows Store have this update pending and will roll out as soon as possible. Please be patient if you are using these store versions. Our official download page of course has the regular install files available for the supported platforms. Read more