1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Temp folder hack

Discussion in 'Plesk for Linux - 8.x and Older' started by Magumo, Dec 12, 2010.

  1. Magumo

    Magumo Guest

    Good day,

    We had a few sites on php with 0777 permissions defaced with an religious extremist message . On further investigating, we discovered that the hack must have been achieved via the server /temp folder because in the temp folder there we numerous suspicious files added around the time of the hack.

    I have deleted the hacked file, and restored. Now I want to know how to best avoid this in future?

    Also how do I troubleshoot to narrow down on the hack?
  2. atomicturtle

    atomicturtle Golden Pleskian

    Nov 20, 2002
    Likes Received:
    Washington, DC
    Check your web and ftp logs for anything suspicious. I'd also recommend you check out mod_security as a first tier security control.