• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Temp folder hack

M

Magumo

Guest
Good day,

We had a few sites on php with 0777 permissions defaced with an religious extremist message . On further investigating, we discovered that the hack must have been achieved via the server /temp folder because in the temp folder there we numerous suspicious files added around the time of the hack.

I have deleted the hacked file, and restored. Now I want to know how to best avoid this in future?

Also how do I troubleshoot to narrow down on the hack?
 
Check your web and ftp logs for anything suspicious. I'd also recommend you check out mod_security as a first tier security control.
 
You must log in or register to reply here.

Similar threads

E
Issue Abnormal CPU usage and Apache crash
Replies
13
Views
5K
MartinT
M
M
Resolved Plesk restore from a ZIP after server failure.
Replies
0
Views
1K
mad_inventor
M
T
Forwarded to devs deletion of spam folder mails after 30 days not working
Replies
19
Views
5K
Sebahat.hadzhi
Sebahat.hadzhi
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
3K
iainh
I
T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
2K
thespark
T
Back
Top