Chris Boyd wrote: > On Aug 21, 2009, at 4:17 PM, Ray Van Dolson wrote: > > >> - Keep phpMyAdmin up to date. Best way to do this is to use a >> package from a well known repository like EPEL that keeps the >> package at the latest version for you. >> - Run with SELinux Enforcing >> - Protect phpMyAdmin with Basic HTTP authentication instead of >> relying only on phpMyAdmin's authentication which does nothing to >> prevent the exploitation of many URL-based vulnerabilities. >> > > What he said, plus change the URL to something other than the default / > phpmyadmin/ > and, heh, don't post any sort of log analyzer output on any publically accessible pages, or your hidden URLs will likely show up and get googled. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: httpd - mysql - paypal.com.tar - hacker
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: httpd - mysql - paypal.com.tar - hacker
- From: John R Pierce <pierce@xxxxxxxxxxxx>
- Date: Fri, 21 Aug 2009 15:05:50 -0700
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <5EED457B-5638-478A-9AD3-753126434225@xxxxxxxxxxxxxxxxx>
- References: <1250888923.3155.19.camel@xxxxxxxxxxxxxxx> <20090821211714.GA23354@xxxxxxxxxxxx> <5EED457B-5638-478A-9AD3-753126434225@xxxxxxxxxxxxxxxxx>
- User-agent: Thunderbird 2.0.0.23 (Windows/20090812)
- References:
- httpd - mysql - paypal.com.tar - hacker
- From: Gregory P. Ennis
- Re: httpd - mysql - paypal.com.tar - hacker
- From: Ray Van Dolson
- Re: httpd - mysql - paypal.com.tar - hacker
- From: Chris Boyd
- httpd - mysql - paypal.com.tar - hacker
- Prev by Date: Re: httpd - mysql - paypal.com.tar - hacker
- Next by Date: Re: httpd - mysql - paypal.com.tar - hacker
- Previous by thread: Re: httpd - mysql - paypal.com.tar - hacker
- Next by thread: Re: httpd - mysql - paypal.com.tar - hacker
- Index(es):
 |