Hi, my site is getting hacked several times daily and nobody knows how to stop him. We don't know how he's getting in. He's injected an I-47 shell and we got that out but he keeps coming back. We need a way to stop him. Thanks!
You really should be speaking to your Hosting Provider about this. You give no details here and we have no way of knowing anything about your site, server, or security here on these forums.
Apache version2.2.23
MySQL version 5.1.67-rel14.3-log
PHP version 5.3.21
Perl version 5.8.8
Operating System linux
Kernel version 3.2.38-grsec
cPanel Version 11.32.5.15
It's probably not FTP. there's probably another shell. You need to take the time stamps of the affected file and search for those times in the apache access logs. See my post here:
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.