Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Apache: prevent users from browsing the server


    A while back I got infected with a nasty scripts on my site.
    I found a file, dir.php, that looked suspicious and it turned out it was somewhat of a multitool for exploring the system.

    The thing that bothered me the most was that the "hacker" could browse my entire webserver, read /etc/passwd and lots of other stuff.

    Here is a link to a .zip of the script:
    My anti-virus gave me a warning about a PHP backdoor just to let you know!

    However, I'm wondering how do I protect myself against this?
    Can I chroot every vhost so they can only read their documentroot?

    What do big webhosters do to prevent users from using this scripts like this and steal information on the servers?

    Thanks for any info on this!

  2. #2

    We can run Root-kit hunters on daily basis which scans for suspicious files or scripts running which can be automated through cron to send the scan reports and also applying some rules configuration files of the webserver will help in securing the server

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts