Hi all,
Lately I've been having some security issues with a software I am using, I believe the software might have some type of exploit that allows files to be uploaded to it's root directory. I don't want to say the name of the software at this point until that vendor has fully checked into it, but as a temporary solution I thought it might be possible to restrict file names of PHP files that are allowed to run under my cpanel account. Is this possible?
i.e. if the attacker does upload a file called "shell.php", they won't be able to run it if it doesn't match a file name in the list of allows PHP files
Lately I've been having some security issues with a software I am using, I believe the software might have some type of exploit that allows files to be uploaded to it's root directory. I don't want to say the name of the software at this point until that vendor has fully checked into it, but as a temporary solution I thought it might be possible to restrict file names of PHP files that are allowed to run under my cpanel account. Is this possible?
i.e. if the attacker does upload a file called "shell.php", they won't be able to run it if it doesn't match a file name in the list of allows PHP files