• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

Temp folder hack

M

Magumo

Guest
Good day,

We had a few sites on php with 0777 permissions defaced with an religious extremist message . On further investigating, we discovered that the hack must have been achieved via the server /temp folder because in the temp folder there we numerous suspicious files added around the time of the hack.

I have deleted the hacked file, and restored. Now I want to know how to best avoid this in future?

Also how do I troubleshoot to narrow down on the hack?
 
Check your web and ftp logs for anything suspicious. I'd also recommend you check out mod_security as a first tier security control.
 
You must log in or register to reply here.

Similar threads

N
Issue Permission problem - Invision power board - forum
Replies
2
Views
1K
NITROFOX
N
E
Issue Abnormal CPU usage and Apache crash
Replies
13
Views
8K
MartinT
M
M
Resolved Plesk restore from a ZIP after server failure.
Replies
0
Views
4K
mad_inventor
M
T
Forwarded to devs deletion of spam folder mails after 30 days not working
Replies
19
Views
7K
Sebahat.hadzhi
Sebahat.hadzhi
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
4K
iainh
I
Back
Top