Re: security issues with apache!
> I had a similar encounter about 2 months ago. The intruder exploited a
> PHP script that was poorly written. If you check your http access logs,
> you will most likely find an entry about the PHP that is been exploited.
> Once you find the offending PHP script, you can either remove it or
> add an exit(0); on top of the script so that it does not accept any
> input. If you are a good PHP programmer, you could fix the script so
> that it validates whatever input its getting.
if PHP is the entry point, then take a look at
- libapache2-mod-suphp
- PHP SAFE-Mode
- PHP Basedir
- set 'allow_url_fopen = Off' in your php.ini
they help. Also make sure, that there is no
writeable directory for the apache user.
--
Florian Reitmeir
Reply to: