Re: security issues with apache!
At 1141730613, Petter Senften wrote:
> Recently I've noticed that my Apache-installation gets
> violated and that an intruder somehow manages to put stuff
> in /tmp and /var/tmp. Then it makes Apache execute these.
Do you have mod_cgi installed and activated? If you are not
using it, disable it.
If the trouble-maker is executing things via PHP scripts,
you can stop them by disabling the exec and related
functions in PHP. The following line in /etc/php.ini would
do it for example:
disable_functions = system, exec, shell_exec, passthru, popen, pcntl_exec, openlog
Alternatively turning on "safe mode" does this, I believe.
--
Jon Dowland
http://alcopop.org/
Reply to: