Thread: Hacked server
View Single Post
Old 22nd December 2010, 23:50
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

P.S. ispconfig user have shell with /bin/false or with /dev/null
And "ispconfigend" user - it is ispconfig user? I have this user.
Thats both ok. The shell of the website users depend on the website settings, e.g. if FTP is enabled and the ispconfig and ispconfigend users are from the controlpanel server on port 81.

Regarding your other question, see answer from mini14 and the ispconfig first steps guide. There are also quite a few hardening tutorials available which explain to selectively deactivate functions in php etc.

You should also use the php safemode option from the website settings.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote