Facebook
Twitter
hi,
My brain is fried today, I have a website on my plesk server somewhere which is allowing someone to upload a perl script which is seen as a .txt file then try and execute it as the user apache. Earlier on I had loads of wget processes running downloading a page several times in an attempt to fill up my /tmp folder. I have no execute set on /tmp.
Is there an easy way to find out which site is being exploited?
Everything is owned and run by apache so tearing my hair out trying to track it down.
thanks
matt
My brain is fried today, I have a website on my plesk server somewhere which is allowing someone to upload a perl script which is seen as a .txt file then try and execute it as the user apache. Earlier on I had loads of wget processes running downloading a page several times in an attempt to fill up my /tmp folder. I have no execute set on /tmp.
Is there an easy way to find out which site is being exploited?
Everything is owned and run by apache so tearing my hair out trying to track it down.
thanks
matt
