Hello guys, unfortunately my website got hacked a few hours ago, and after investigation I found there was a c99.php file on my server, so I deleted it, stopped any upload process and changed my chmod back to default.
I want to ask how to prevent PHP files from being uploaded and run on the server?
My upload script checks the MIME type of files; how did a PHP file get past this check?
And is there any other security thing I must do?
OsaMasw
13
Loving Helper
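An upload handler hardened against the situation described in the question, as an added example that is not code from this thread. The field name `image`, the `UPLOAD_DIR` path and the allowed image types are assumptions. It ignores the client-supplied type, detects the type from the file content, and never keeps the client's filename or extension.

```php
<?php
declare(strict_types=1);

// Assumed values for this example; adjust to the real site.
const UPLOAD_DIR = '/var/www/uploads';   // should be served as static files only
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = [                     // detected MIME type => extension we assign
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

function store_upload(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    // Only accept files PHP itself received through an HTTP POST upload.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if (filesize($file['tmp_name']) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }

    // $file['type'] is sent by the client and is ignored here.
    // Detect the type from the file content instead.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !isset(ALLOWED[$mime])) {
        throw new RuntimeException('file type not allowed');
    }

    // Content detection alone is not sufficient: a file can begin with valid
    // image bytes and still contain PHP code. The stored name and extension
    // are therefore generated server-side, never taken from $file['name'].
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    chmod(UPLOAD_DIR . '/' . $name, 0644);   // readable, never executable
    return $name;
}

if (PHP_SAPI !== 'cli' && isset($_FILES['image'])) {
    echo store_upload($_FILES['image']);
}
```

This pairs with the `SetHandler default-handler` directive quoted in the recommended answers, placed in an `.htaccess` file inside the upload directory.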
Recommended Answers
Here is a good reading about this so-called phpc99 shell malware.. I guess what I have suggested above is no match with this malware..
In addition to previous suggestions, you can mitigate the problem by adding an .htaccess file to the directory in which the images are hosted and specifying that they be treated with the default handler for static files:
SetHandler default-handler
If you upload a php file to this …
Hi,
Two doors where the shell hack can take over the server.
First, the FTP credentials of the server users were maliciously stolen from the PC. For example, sitemanager.xml of FileZilla is an easy target because it is just a text file that can be grabbed and sent to the …
The problem could also be MySQL: if the bind-address is not on 127.0.0.1 or the firewall is not set properly, then an attacker can perform a brute force, gain access and use the mysql shell to read and write files to the system, something like for example:
select "<?php …
Brute Force Detection (BFD). "but really I don't know what is the best configuration for it"
This is why God Invented LogLogic Now TIBCO
All 30 Replies
veedeoo
474
Junior Poster
Featured Poster
OsaMasw
commented:
That was incredible information, thanks.
+2