The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server exploited

Discussion in 'General Discussion' started by SuperBaby, Sep 13, 2006.

  1. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    Recently there is a hacker who managed to exploit my website through a loophole in my PHP script. He keeps on blackmailing me for money. I banned his IPs but he kept changing his IP.

    I have done:

    chmod -R ugo-x /tmp (making /tmp unexecutable)
    chmod o-x /usr/bin/wget (restricting wget)

    What else can I do?

    --------------------------------------

    After I did this:

    chmod -R ugo-x /tmp (making /tmp unexecutable)

    Some of my scripts failed to run properly. I had to reset it back to the previous setting. But I do not know what the original setting is.

    Currently I set it to 777. Is that OK?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    /tmp must be set to 1777 to work.

    The solution to the problem is to remove (or update) the script that they're exploiting - you'll have to do some trawling through your domlogs.
     
  3. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    Blackmailing for money? Is it someone from a foreign country? Many many years ago way before the Internet was popular I ran a BBS system which someone tried to hack into, I called the police, they traced it (Back then it was traced by telephone traps) and it was a 13-year old from another city in our same state. I opted not to file charges after a sit down between the police and him. I am sure the FBI or your State Police would be interested in someone trying to blackmail over the Internet, pretty serious stuff.

    I am sure some people would think nothing would ever happen and the police would not listen but remember the squeeky wheel gets the grease
     
  4. mOdY

    mOdY Well-Known Member

    Joined:
    Dec 25, 2004
    Messages:
    80
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    Sounds like you should start crawling google for servers security how-to's! start with this which might help in your /tmp case http://www.eth0.us/tmp
     
Loading...

Share This Page