yatinthakur

Member
Mar 27, 2014
17
0
1
cPanel Access Level
Root Administrator
Hello

While daily server scan I found some files with result : PHP.Shell-38 found . When I tested those file found its very risky.

How can I prevent user for accessing/uploading these types for files

I found that by setting shell_exec in php.ini will stop access those file. but as I am having suphp on server , users can override rule by creating own php.ini in their account.

There mus be some way to block it but how ?
 
Last edited:

PlotHost

Well-Known Member
Apr 29, 2011
292
15
68
US
cPanel Access Level
Root Administrator
Twitter
How can I prevent user for accessing/uploading these types for files
By using something like ConfigServer eXploit Scanner (cxs)

I found that by setting shell_exec in php.ini will stop access those file. but as I am having suphp on server , users can override rule by creating own php.ini in their account.

There mus be some way to block it but how ?
Read here http://forums.cpanel.net/f185/metho...ricting-who-can-use-php-ini-files-167186.html
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,243
463
Hello :)

Yes, as mentioned in the previous post, the following thread provides information on how to restrict users from modifying the php.ini file when suPHP is enabled:

Methods to increase security with suPHP

Thank you.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
These files are generally uploaded through old CMS software and/or out-dated CMS plugins. On the domain you found the file on, make sure you update all software (i.e. wordpress, joomla), themes, components, and plugins. Also change the administrator password for the CMS.

You can do all sorts of things to secure your server, but if your customer installs a vulnerable CMS plugin, there is very little you can do to stop it from being hacked, aside from a very good ModSecurity rule set.
 

24x7server

Well-Known Member
Apr 17, 2013
1,911
98
78
India
cPanel Access Level
Root Administrator
Twitter