My ISPconfig server get hacked
The document root (/var/www) of ISPconfig3 server ( Debian Lenny) is written by hacker, he put the phishing website with .it domain, after I delete phishing website, he is still put them, I can not inspect the reason. This problem is really awesome for me, I attach here the website code, so if any one need other information to inspect them help me, I will provide
update: I check the /tmp dir and I get the phishing website code, How to prevent /tmp attack?
Last edited by quannv; 1st April 2011 at 20:10.