Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Malicious Script upload

Discussion in 'General Discussion' started by lost, Jun 8, 2006.

  1. lost

    lost Well-Known Member

    Joined:
    Aug 19, 2003
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    156
    hello,
    someone manages to upload a script line in this format to several of my servers. This script line shows up in random useraccounts in random folders.

    <script>x=8;es="108;102;105;126;97;104;..........................etc.......etc...........

    This script causes havoc for people visiting the affected websites.

    Has anyone else had this happen and how do you protect against it? I.e. what mod_security rules could be effectively used?
    If anyone can help, please respond

    Thanks
    L
     
  2. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    655
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Canada
    This sounds like an XSS attack. You need to find the source of where this is coming from.

    EG:
    # WEB-PHP PHP-Wiki cross site scripting attempt
    SecFilterSelective THE_REQUEST "<script"
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice