Quote:
|
Originally Posted by ibbo
A rather interesting file name with extremely worrysome content.
If they can get these scripts up to your server and run them then your virtually opening a door for them build a profile of not just you but your server too.
If in doubt keep em out.
And if they are dumping scripts like that on your server you realy need to keep them out.
I am supprised your ISP has not been intouch as of yet.
Ibbo
|
No no one has uploaded anything like that yet but when you have free or even regular webhosting services it is always good to take precautions. You cannot always depend on your customers to run everything in the most secure fashion so I try to make it where if they are compromised it will not spill over into the rest of the server.
I am just trying to figure out what makes these new style php shells tick so I can disable or configure whatever to prevent it. Used to disabling exec and shell exec was enough but if you experment with that then you will see its something way different.
I think any host with common sense should know whats going on out in the wild and the precautions to take, it doesnt matter if your just hosting church sites or what.
I dont understand what you mean about my isp, Maybe you have misunderstood something but I have my own server and been trying my best to be prepared against all known threats, Actually I guess if I wanted to I could upload something to the server and delete the entire thing lol, It doesnt matter to them. They are real cool and security minded people as well but I do not bother them with small things I am working on.
So no one knows what particular php functions that shell uses and what to disable to stop it? |
