The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Malicious Script upload

Discussion in 'General Discussion' started by lost, Jun 8, 2006.

  1. lost

    lost Well-Known Member

    Joined:
    Aug 19, 2003
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    hello,
    someone manages to upload a script line in this format to several of my servers. This script line shows up in random useraccounts in random folders.

    <script>x=8;es="108;102;105;126;97;104;..........................etc.......etc...........

    This script causes havoc for people visiting the affected websites.

    Has anyone else had this happen and how do you protect against it? I.e. what mod_security rules could be effectively used?
    If anyone can help, please respond

    Thanks
    L
     
  2. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    This sounds like an XSS attack. You need to find the source of where this is coming from.

    EG:
    # WEB-PHP PHP-Wiki cross site scripting attempt
    SecFilterSelective THE_REQUEST "<script"
     
Loading...

Share This Page