php security

[KhaledSalama]

hello

i have problem in php security

some one upload php file contain mail() function and execute this page remotely

How can I prevent that?

note :the attacker connect to this page using many ip's

 

[cPanelMichael]

Hello

Have you determined how the file was uploaded? You may want to delete the file that was uploaded to ensure it's no longer used to send out email. Are you attempting to prevent all PHP scripts from using the "mail()" function?

Thank you.

 

[cPanelPeter]

Hello,

In addition to what cPanelMichael stated, you might consider installing cXs ConfigServer Exploit Scanner... It should quarantine scripts like this when they are uploaded so that they can't be used.

 

[KhaledSalama]

Hello

Have you determined how the file was uploaded? You may want to delete the file that was uploaded to ensure it's no longer used to send out email. Are you attempting to prevent all PHP scripts from using the "mail()" function?

Thank you.

in this time i'm prevent any php to use mail() but i need to use it in other website

can you tell me how to detect how this files uploaded to server ?

 

[psrsathish]

in this time i'm prevent any php to use mail() but i need to use it in other website

can you tell me how to detect how this files uploaded to server ?

-----

Create a new php.ini in or copy the servers global php.ini file in to the home directory of an account where you want to deny this function. Then open the php.ini file and search for the directive "disable_functions" here just include the php function that you want to disable for this account.

This will deny the appropriate php function for this particular account only and this will not get reflected globally for all the other acct that was hosted on the server.

ex: disable_functions = mail

else

If there is a .htaccess file on the account then please open the file and insert the below code.

php_value disable_functions mail

That's It!