Re: server/PHP security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



http://www.hardened-php.net/advisory_202005.79.html

check this out

On 4/6/06, Wolf <LoneWolf@xxxxxxxxx> wrote:
> I woke up on thanksgiving morning to find my server hacked through a
> hole left by a file upload area of my site.  I restored the backup and
> placed a few blocks in place on the server, so they can get in, but they
> can't get out....  ;)
>
> What I am interested in finding out is what the best way is to make sure
> that I can rework the upload area to allow upload and download from it
> while keeping script kiddies from exploiting it again.
>
> I can post the scripts (if you are interested in pulling them apart or
> such) as I have accumulated 3 different versions now, but I am wondering
> what you guys use currently as "standard" PHP security and still do file
> parsing and such.
>
> Thanks,
> Wolf
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux