• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Temp folder hack

M

Magumo

Guest
Good day,

We had a few sites on php with 0777 permissions defaced with an religious extremist message . On further investigating, we discovered that the hack must have been achieved via the server /temp folder because in the temp folder there we numerous suspicious files added around the time of the hack.

I have deleted the hacked file, and restored. Now I want to know how to best avoid this in future?

Also how do I troubleshoot to narrow down on the hack?
 
Check your web and ftp logs for anything suspicious. I'd also recommend you check out mod_security as a first tier security control.
 
Back
Top