Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 12th September 2006, 23:59
fobicodam fobicodam is offline
Senior Member
 
Join Date: Apr 2006
Location: Argentina
Posts: 346
Thanks: 0
Thanked 1 Time in 1 Post
Send a message via MSN to fobicodam
Default One of my client's phpNuke was attacked, with all success !!

Its not really my problem as its one of my reseller's client, but its indirectly mine too. I know nuke is bllsht, etc.. but this makes me think on something, what do i need to change on the backup script to:

1.- Backup the site outside ftp folder. My clients doesnt want backups (jeje, ill take a few words with this client about that later ) and they take web space.
2.- In the outside folder i need to create a subfolder with the webXX name and at least, 3 or 4s days old backups. This site was hacked yesterday night (so wisely) so, the backup is useless...

any hint
Reply With Quote
Sponsored Links
  #2  
Old 13th September 2006, 09:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

Write a shell script that creates tar.gz backups of your sites with the weekday in the name, this will result in 7 backup files that are overridden automatically after 7 days.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 13th September 2006, 11:23
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default

What you should set up is mod_security to avoid some basic scriptkiddie attacks to your nuke... could be very helpfull for phpBB and its plugins as well...
Reply With Quote
  #4  
Old 13th September 2006, 13:35
fobicodam fobicodam is offline
Senior Member
 
Join Date: Apr 2006
Location: Argentina
Posts: 346
Thanks: 0
Thanked 1 Time in 1 Post
Send a message via MSN to fobicodam
 
Default

I installed mod_security last friday, but nobody could insert data, i had to uninstall it on sunday.. i must check how to let nuke/joomla/mambo users insert data with mod_secrity installed..

Till, im not a php developer and i dont want to create another backup job, ive modified the backup.php script to delete old logs and let only the last one (i must check this client log today) ill try to modify the ispconfig backup scheme at night to make it do what i need.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 05:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.