hello guys, unfortunly my website got hacked few hours ago, and after investigations I found the was a c99.php file on my server so i deleted it and stopped any upload proccess and change back my chmod to default
I want to ask how to prevent php files from being uploaded and run on server ?
my upload script check for mime type of files, how did php file cross this check ?
and is there any other security thing I must do ?
OsaMasw 13 Loving Helper
Recommended Answers
Jump to PostHere is a good reading about this so called phpc99 shell malware.. I guess what I have suggested above is no match with this malware..
Jump to PostIn addition to previous suggestions, you can mitigate the problem by adding an .htaccess file to the directory in which are hosted the images and specify to treat them with the default handler for static files:
SetHandler default-handler
If you upload a php file to this …
Jump to PostHi,
Two doors where the shell hack can take over the server.
First, the ftp credentials of the server users where maliciously stolen from the PC. For example, sitemanager.xml of filezilla is an easy target because it is just a text file that can be grab and send to the …
Jump to PostThe problem could be also MySQL, if the bind-address is not on 127.0.0.1 or the firewall is not setted properly, then an attacker can perform a bruteforce, gain access and use mysql shell to read and write files to the system, something like for example:
select "<?php …
Jump to PostBrute Force Detection (BFD). "but really I don't know what is the best configuration for it"
This is why God Invented LogLogic Now TIBCO
All 30 Replies
pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster
OsaMasw 13 Loving Helper
pixelsoul 272 Red Pill Featured Poster
OsaMasw 13 Loving Helper
pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster
pixelsoul 272 Red Pill Featured Poster
pixelsoul 272 Red Pill Featured Poster
OsaMasw 13 Loving Helper
pixelsoul 272 Red Pill Featured Poster
OsaMasw 13 Loving Helper
pixelsoul 272 Red Pill Featured Poster
OsaMasw 13 Loving Helper
oop_php 0 Newbie Poster
diafol
OsaMasw 13 Loving Helper
oop_php 0 Newbie Poster
OsaMasw 13 Loving Helper
oop_php 0 Newbie Poster
cereal 1,524 Nearly a Senior Poster Featured Poster
OsaMasw 13 Loving Helper
OsaMasw 13 Loving Helper
cereal 1,524 Nearly a Senior Poster Featured Poster
OsaMasw 13 Loving Helper
veedeoo 474 Junior Poster Featured Poster
OsaMasw commented: Thats was Incredible informations, thanks. +2
OsaMasw 13 Loving Helper
Szabi Zsoldos 26 Learner and helper guy
OsaMasw 13 Loving Helper
naphets 0 Junior Poster in Training
cereal 1,524 Nearly a Senior Poster Featured Poster
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.