I have to administer a few inherited Linux servers running Ubuntu and Debian Linux. The servers mainly host websites: Joomla installs that are regularly left un-updated and some custom-developed websites that were written quite insecurely. To mitigate hacked websites I had already disabled some of the most insecure functions, like system(); eval etc. – I followed literally my previous tutorial PHP Webhosting security disable exec();, system();, open(); and eval();.
Still, in the logs I see shit like:
[error] [client 66.249.72.100] PHP Warning: mkdir(): No such file or directory in /var/www/site/plugins/system/jfdatabase/intercept.jdatabasemysql.php on line 161
Hence, to prevent the PHP mkdir(); and chown(); functions from being active, I had to turn on safe_mode in /etc/php5/apache2/php.ini. For some reason whoever configured Apache left it off.
safe_mode = on
Hopefully disabling these functions will keep cracker bot scripts from creating weird directory structures on the HDD or using them as a means to DoS the server by overflowing its filesystem.
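A quick way to check what a given php.ini actually enforces, as an added example that is not part of the original post: it reports whether safe_mode is on and which of the functions you name are still missing from disable_functions. The function names ini_value, audit_php_ini and write_sample_ini, and the sample php.ini contents, are constructed for illustration.

```shell
# Added example: audit a php.ini for safe_mode and disable_functions.

# Print the value of a php.ini directive (names are case-sensitive).
# Assumption: if a directive is set more than once, the last assignment wins.
ini_value() {  # usage: ini_value FILE DIRECTIVE
    awk -v key="$2" '
        /^[ \t]*;/ { next }                      # whole-line comment
        {
            line = $0
            sub(/[ \t]*;.*$/, "", line)          # trailing comment
            eq = index(line, "=")
            if (eq == 0) next                    # section header or blank
            k = substr(line, 1, eq - 1); v = substr(line, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t"]+|[ \t"]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

# Print safe_mode state and the listed functions missing from
# disable_functions; exit status is non-zero if any are missing.
audit_php_ini() {  # usage: audit_php_ini FILE FUNCTION...
    file=$1; shift; missing=""
    case $(ini_value "$file" safe_mode | tr 'A-Z' 'a-z') in
        1|on|yes|true) echo "safe_mode=on" ;;
        *)             echo "safe_mode=off" ;;
    esac
    disabled=",$(ini_value "$file" disable_functions | tr -d ' \t'),"
    for fn in "$@"; do
        case $disabled in
            *",$fn,"*) ;;                        # already disabled
            *) missing="$missing $fn" ;;
        esac
    done
    echo "not_disabled=${missing# }"
    [ -z "$missing" ]
}

# Constructed sample php.ini, written to the path given as $1.
write_sample_ini() {
    printf '%s\n' '[PHP]' ';safe_mode = Off' 'safe_mode = On ; was off' \
        'disable_functions = system, exec, passthru, shell_exec' > "$1"
}

sample=$(mktemp)
write_sample_ini "$sample"
audit_php_ini "$sample" system exec mkdir chown || true
rm -f "$sample"
```

safe_mode restricts mkdir() and chown() with an owner (UID) check rather than switching them off, so they show up here as not disabled unless they are also listed in disable_functions. safe_mode was deprecated in PHP 5.3.0 and removed in PHP 5.4.0, so on newer PHP only the disable_functions check applies.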
Hope this helps others stabilize their servers too. Enjoy! 🙂
Note that if you enable safe_mode = On, some websites on the server might stop working. One piece of software that requires safe_mode to be Off is Moodle – Open Source Online learning system.