• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

apache and tmp upload

M

MattYM@

New Pleskian
hi,

My brain is fried today, I have a website on my plesk server somewhere which is allowing someone to upload a perl script which is seen as a .txt file then try and execute it as the user apache. Earlier on I had loads of wget processes running downloading a page several times in an attempt to fill up my /tmp folder. I have no execute set on /tmp.

Is there an easy way to find out which site is being exploited?

Everything is owned and run by apache so tearing my hair out trying to track it down.

thanks

matt
 
Hello,

It's very hard to find to out the exact domain name OR user using is uploading the perl scripts /tmp directory due Apache user ownership. But I will suggest you please scan your whole server with the LMD scanner and delete all infected files from your server. May be there is a shell script present under your one of the domain and hacker is uploading the perl scripts through that script.
 
You must log in or register to reply here.

Similar threads

Ming
Issue Passenger issue - boost::thread_resource_error: Resource temporarily unavailable
Replies
12
Views
3K
Ming
Ming
Dukemaster
Resolved Server down [Server Certificate/Apache Settings]
2
Replies
20
Views
5K
UFHH01
U
E
How to Set up Your WordPress Website Security
Replies
0
Views
2K
Elvis Plesky
E
V
Varnish for WordPress in a Docker container
Replies
5
Views
5K
Laurence@
Laurence@
E
Varnish for WordPress in a Docker container in Plesk Onyx
2
Replies
25
Views
12K
Andrew_Pa
A
Back
Top