Is it safe to show server stats?
For instance, is it alright to show things like
- bandwidth utilization - current users, uptime, etc (output from /usr/bin/w) - free memory (output from /usr/bin/free) - cpu information (from /proc/cpuinfo) Is there any information that might be exploited in this way? If you'd like to see an example, I have this on my server http://sunfryes.com/load/. Thanks! |
I would say that showing usernames to the world is not a good idea.
If you want to be able to check your server-status from a remote location, maybe you should consider restricting acces to this page. Assuming your usnig apache, you could do something like this in your httpd.conf: Code:
# |
Oh yes, good idea about the usernames. I'd rather not restrict the directory (via ip or .htaccess) since I'd like to leave as much of that info public as possible.
I'll just change the /usr/bin/w command to /usr/bin/uptime! Thanks! |
Take a look at http://phpsysinfo.sourceforge.net/
|
All times are GMT -5. The time now is 07:18 AM. |