Re: [CentOS] Apache Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Matthew T. O'Connor wrote:
Is this a know problem? Have others seen it? What can I do to help prevent this? 


PHP is a likely suspect. Do you have globals off?
It can be difficult to find the culprit, hit the logs, look at hacker file creation dates.. try to match the creation time to something done within a script in the logs. Photo Galleries and any script which allows uploads should be the first suspects. And yes, as mentioned, AWstats did have an issue, but it is a pretty old version at this point... still something to look at.
Of course, files uploaded via PHP are owned by Apache or the Apache username assigned. 

Best,
John Hinton
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux