Apache // mystery files named "1" showing secure details

Discussion in 'Server Operation' started by vmos, Oct 14, 2011.

  1. vmos

    vmos Member

    Hello, we've got a whole bunch of servers running debian sarge, etch, lenny and ubuntu lucid

    Just today we've noticed some files in some sites on many servers called 1, just "1"

    a few of these are viewable via websites and the show things that should probably not be shown. Some show crontabs, some show htaccess files and things.

    I've tried googling but "1" doesn't exactly narrow down the search results. I'm inclined to think it's some feature of apache that we haven't disabled

    Has anyone seen this or know where they might be coming from?

    /edit Mystery solved

    If you edit a file in VI and then do wq! to save but don't hold shift properly, this enters wq1 which saves the contents of the file you're editing in another file called 1

    Last edited: Oct 14, 2011

Share This Page