View Single Post
  #2  
Old 10th October 2012, 08:17
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,011
Thanks: 826
Thanked 5,379 Times in 4,226 Posts
Default

Did you had plesk installed on that server before as there is a script with that name in pleask but not in ispconfig:

http://kb.parallels.com/en/1798

so maybe there is a script from plesk or a script developed for plesk installed on the server that searches for this script or an attacker thinks that this is a plesk install. When you access the script by http, the path /usr/local/ispconfig/interface/web/login_up.php3 is the equivalent to /login_up.php3 of the ispconfig controlpanel vhost, so it might be that the script can not identify that its not plesk while searching for the script.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote