Find the answer to your Linux question:
Results 1 to 2 of 2
Hi, A while back I got infected with a nasty scripts on my site. I found a file, dir.php, that looked suspicious and it turned out it was somewhat of ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2012
    Posts
    44

    Apache: prevent users from browsing the server


    Hi,

    A while back I got infected with a nasty scripts on my site.
    I found a file, dir.php, that looked suspicious and it turned out it was somewhat of a multitool for exploring the system.

    The thing that bothered me the most was that the "hacker" could browse my entire webserver, read /etc/passwd and lots of other stuff.

    Here is a link to a .zip of the script: omg.nu/dir.zip
    My anti-virus gave me a warning about a PHP backdoor just to let you know!

    However, I'm wondering how do I protect myself against this?
    Can I chroot every vhost so they can only read their documentroot?

    What do big webhosters do to prevent users from using this scripts like this and steal information on the servers?


    Thanks for any info on this!

  2. #2
    Just Joined!
    Join Date
    May 2012
    Posts
    9
    Hi

    We can run Root-kit hunters on daily basis which scans for suspicious files or scripts running which can be automated through cron to send the scan reports and also applying some rules configuration files of the webserver will help in securing the server

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •