Thread: Hacked server
View Single Post
  #8  
Old 22nd December 2010, 22:50
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,046
Thanks: 826
Thanked 5,389 Times in 4,234 Posts
Default

Quote:
P.S. ispconfig user have shell with /bin/false or with /dev/null
And "ispconfigend" user - it is ispconfig user? I have this user.
Thats both ok. The shell of the website users depend on the website settings, e.g. if FTP is enabled and the ispconfig and ispconfigend users are from the controlpanel server on port 81.

Regarding your other question, see answer from mini14 and the ispconfig first steps guide. There are also quite a few hardening tutorials available which explain to selectively deactivate functions in php etc.

You should also use the php safemode option from the website settings.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote