dissallow usage of all cgi-sys scripts

**eter4** · 03-11-2004 10:12 AM

I have a customer that is being attacked. What the people are doing is trying to spam using the cgi-sys formmail in his hosting server.

Is there a way to remove these scripts from the users directory or the server alltogether??

Thanks

JD

**DJ_Max** · 03-11-2004 04:48 PM

Originally posted by eter4
I have a customer that is being attacked. What the people are doing is trying to spam using the cgi-sys formmail in his hosting server.

Is there a way to remove these scripts from the users directory or the server alltogether??

Thanks

JD

You can remove this from the Reseller WHM control panel.
Packages >>Feature Manager

Then on the packages creation/edit page there's an checkbox for "Email Scripts (cgiemail,formmail)"
uncheck that.

**eter4** · 03-11-2004 05:51 PM

Will this just remove the link from CPANEl or actually remove the scripts from the server?

**DJ_Max** · 03-11-2004 06:50 PM

Originally posted by eter4
Will this just remove the link from CPANEl or actually remove the scripts from the server?

I'm not for sure.

I'll try it.

**Jabberwocky** · 03-13-2004 10:18 AM

I've just actually done this... and it's pretty simple.

Find your apache config (usually /etc/httpd/conf/httpd.conf

and open it up in an editor on your shell (I reccomend pico/nano)

Find the line that says

ScriptAlias /cgi-sys/ /usr/local/cpanel/cgi-sys/

and change it to

# ScriptAlias /cgi-sys/ /usr/local/cpanel/cgi-sys/

Now use WHM to restart Apache and voila! no more

LinkBack

Thread Tools

dissallow usage of all cgi-sys scripts

Re: dissallow usage of all cgi-sys scripts

Disable insecure Cpanel cgi-sys scripts -- ¿?¿?

suexec and cgi-sys scripts

CGI-scripts not found from cgi-sys

Adding Scripts to the cgi-sys Directory?

PLEASE let us disable cgi-sys/formmail* scripts!