The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HELP: Im sick of phishing sites....

Discussion in 'General Discussion' started by Snowman30, Aug 9, 2005.

  1. Snowman30

    Snowman30 Well-Known Member

    Apr 7, 2002
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    Ive noticed one of our servers has been getting hammered with smart little Fu^%#^$RS uploading various phishing sites and bindshell scripts lately

    we have the server locked down fairly tight run php under suexec, try and ensure all scripts are uptodate whenever a security patch comes out (like everyweek for phpbb :roll: ) are firewalled etc but still the little buggers get in and do damamge before we can catch them

    Im wondering what everyone does to stop them and anyone have any tips to help get rid of them?
  2. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    Your server is evidently not secure enough.

    Your first line of defence is going to be a good set of mod_security SecFilters. If you already have mod_security installed, you need better filters.

    Next, as soon as a PHP script is compromised you need to track down which PHP script was compromised and remove it from your server immediately. If you don't know how to track down such compromises you should hire a server admin to help you.

Share This Page