the reason you have not had any responses is you are a little vauge with your question
and the forums are for server administrators that run their own web servers with cpanel/whm ISTALLED. The question you asked would be best asked if you asked your web Host thats what you pay them for
and the forums are for server administrators that run their own web servers with cpanel/whm ISTALLED. The question you asked would be best asked if you asked your web Host thats what you pay them for
I appologize for my rude comment. Brought my work life into my personal life. But I know I should ask my host. I did but he has no clue. Ok this is the whole story:
A friend of mine had a very popular website. Someone uploaded a .gz file that had a trojan and he took over his account and removed everything. Well I am hosting him now but I don't want that to happen again. So I need to find a way to not allow any .gz .gzip files on my account. I am not sure if that is something cpanel can do, or if that is something a .htaccess code could do. Again I am sorry for my rude comments earlier.
A friend of mine had a very popular website. Someone uploaded a .gz file that had a trojan and he took over his account and removed everything. Well I am hosting him now but I don't want that to happen again. So I need to find a way to not allow any .gz .gzip files on my account. I am not sure if that is something cpanel can do, or if that is something a .htaccess code could do. Again I am sorry for my rude comments earlier.
From what you say, it sounds like a gzipped file was somehow placed in the server's /tmp directory and then executed from there, probably by means of a known exploit in a web application such as phpBB.yukisho said:
Your concern here is NOT gzipped files - these being legitmately uploaded in any form or fashion will not present you with any problems.
The problem here is server security. In short, potentially vulnerable web applications should always be updated where possible to the latest known version and various pretty standard steps should be taken to prevent anything being executed from /tmp, or /var/tmp, that should not be.
If you don't want a repeat of the previous issue, speak to your host about ensuring that the server on which the account is located is sufficiently hardened against such exploits.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
|
IP Banning | General Discussion | 3 | |
| T | banning ip, getting error | General Discussion | 8 | |
| D | IPBanning Someone In WHM | General Discussion | 3 | |
|
Banning an IP | General Discussion | 3 | |
| X | APF/AD banning all IP`s | General Discussion | 4 |