One of my client's phpNuke was attacked, with all success !!

Discussion in 'General' started by fobicodam, Sep 12, 2006.

  1. fobicodam

    fobicodam ISPConfig Developer ISPConfig Developer

    Its not really my problem as its one of my reseller's client, but its indirectly mine too. I know nuke is bllsht, etc.. but this makes me think on something, what do i need to change on the backup script to:

    1.- Backup the site outside ftp folder. My clients doesnt want backups (jeje, ill take a few words with this client about that later :p ) and they take web space.
    2.- In the outside folder i need to create a subfolder with the webXX name and at least, 3 or 4s days old backups. This site was hacked yesterday night (so wisely) so, the backup is useless...

    any hint
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Write a shell script that creates tar.gz backups of your sites with the weekday in the name, this will result in 7 backup files that are overridden automatically after 7 days.
  3. Ben

    Ben ISPConfig Developer ISPConfig Developer

    What you should set up is mod_security to avoid some basic scriptkiddie attacks to your nuke... could be very helpfull for phpBB and its plugins as well...
  4. fobicodam

    fobicodam ISPConfig Developer ISPConfig Developer

    I installed mod_security last friday, but nobody could insert data, i had to uninstall it on sunday.. i must check how to let nuke/joomla/mambo users insert data with mod_secrity installed..

    Till, im not a php developer and i dont want to create another backup job, ive modified the backup.php script to delete old logs and let only the last one (i must check this client log today) ill try to modify the ispconfig backup scheme at night to make it do what i need.

Share This Page