php security

Discussion in 'Security' started by KhaledSalama, Feb 5, 2014.

  1. KhaledSalama

    KhaledSalama Registered

    Hello,

    I have a problem with PHP security.

    Someone uploaded a PHP file containing the mail() function and executes this page remotely.

    How can I prevent that?

    Note: the attacker connects to this page using many IPs.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Hello :)

    Have you determined how the file was uploaded? You may want to delete the file that was uploaded to ensure it's no longer used to send out email. Are you attempting to prevent all PHP scripts from using the "mail()" function?

    Thank you.
     
  3. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Hello,

    In addition to what cPanelMichael stated, you might consider installing cXs ConfigServer Exploit Scanner... It should quarantine scripts like this when they are uploaded so that they can't be used.
     
  4. KhaledSalama

    KhaledSalama Registered

    At this time I'm preventing any PHP from using mail(), but I need to use it on another website.

    Can you tell me how to detect how these files were uploaded to the server?
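
One way to approach the question above, as an added example that is not part of the original thread: correlate the time the script appeared on disk with write-style requests in the web server access log, and list the client IPs calling the script. The log lines, paths (`/gallery/upload.php`, `/images/mailer.php`), IPs and creation time are constructed, and the log is assumed to be in Apache combined format.

```python
import re
from datetime import datetime, timedelta

# Apache "combined" log line: client IP, timestamp, method, URL, status.
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse(line):
    """Return (ip, time, method, path-without-query, status) or None."""
    m = LINE.match(line)
    if not m:
        return None
    ip, ts, method, url, status = m.groups()
    return ip, datetime.strptime(ts, TS_FMT), method, url.split("?")[0], int(status)

def upload_candidates(lines, script_path, created, window=timedelta(minutes=5)):
    """POST/PUT requests to other URLs shortly before the script appeared."""
    hits = []
    for ip, ts, method, path, status in filter(None, map(parse, lines)):
        near = timedelta(0) <= created - ts <= window
        if method in ("POST", "PUT") and path != script_path and near:
            hits.append((ts, ip, path, status))
    return sorted(hits)

def script_clients(lines, script_path):
    """Distinct client IPs that requested the uploaded script itself."""
    return sorted({r[0] for r in filter(None, map(parse, lines)) if r[3] == script_path})

# Constructed sample log (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [05/Feb/2014:10:14:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [05/Feb/2014:10:15:40 +0000] "POST /gallery/upload.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [05/Feb/2014:10:20:11 +0000] "POST /images/mailer.php HTTP/1.1" 200 18 "-" "-"',
    '192.0.2.55 - - [05/Feb/2014:10:20:12 +0000] "POST /images/mailer.php HTTP/1.1" 200 18 "-" "-"',
    '198.51.100.23 - - [05/Feb/2014:10:21:30 +0000] "POST /images/mailer.php?x=1 HTTP/1.1" 200 18 "-" "-"',
]
# Assumed creation time of the script, e.g. the change time reported by `stat`.
CREATED = datetime.strptime("05/Feb/2014:10:15:41 +0000", TS_FMT)

if __name__ == "__main__":
    for ts, ip, path, status in upload_candidates(SAMPLE_LOG, "/images/mailer.php", CREATED):
        print("possible upload vector:", ts.isoformat(), ip, path, status)
    print("clients calling the script:", script_clients(SAMPLE_LOG, "/images/mailer.php"))
```

An empty result from `upload_candidates` suggests the file did not arrive over HTTP, in which case the FTP and control panel logs for the account are the next place to look.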
     
  5. psrsathish

    psrsathish Active Member


    Create a new php.ini in, or copy the server's global php.ini file into, the home directory of the account where you want to deny this function. Then open the php.ini file and search for the directive "disable_functions"; here, just include the PHP function that you want to disable for this account.

    This will deny the appropriate PHP function for this particular account only, and it will not be reflected globally for all the other accounts hosted on the server.

    ex: disable_functions = mail

    else

    If there is a .htaccess file on the account then please open the file and insert the below code.

    php_value disable_functions mail

    That's It!
     