Quote:
Originally Posted by WeMasterz5
have done most if everything from these forums to secure server..
|
No you haven't!
I can tell from the rest of your post, you have at several separate security
holes that obviously haven't been closed yet although there are plenty of
posts around here describing both which ironically I posted on those very
same topics just within this past week.
Like PlatinumServerM said above, switch your PHP from DSO over to SuPHP
and then
make your /tmp partition non-executable and disallow escalations
(yes I've posted on both of those recently as well - look at my old posts)
Wouldn't hurt to throw in a mod_security rule or two either to go ahead and
block the requests from the obvious bonehead newb wannabe hacker.
If you would like more one on one assistance to more aggressively attack
these issues and maybe close out more hidden problems then contact me
and I'll be glad to give you a hand with that.
In the meantime, I would suggest addressing the items I listed above and
reading through some of my prior posts as that should give you a wealth
of more information as to how to address those items and secure other
parts of your server, etc.