[CentOS] httpd - mysql - paypal.com.tar - hacker
Ross Walker
rswwalker at gmail.com
Fri Aug 21 22:42:09 UTC 2009
On Aug 21, 2009, at 5:47 PM, "Gregory P. Ennis" <PoMec at PoMec.Net> wrote:
>
> On Fri, Aug 21, 2009 at 5:31 PM, Ray Van Dolson<rayvd at bludgeon.org>
> wrote:
>
>>
>> Nope, but you can take steps to prevent (or make it more difficult)
>> for
>> people that shouldn't be accessing it from accessing it.
>>
>> Apache allow from, etc... basic authentication, make sure you're
>> using
>> HTTPS and selinux.
>
> Along these lines (following up here, though it's mostly to the OP),
> you may also want to look at your php.ini for some hardening as well.
> The default php.ini ships with allow_url_fopen enabled, which tells
> php to treat remote files like they're local. In some cases this is
> needed, but I really consider it a huge security hole, and if
> disabling doesn't break your website, I would suggest you do so.
>
> ----------------
>
> Jim,
>
> Great suggestion. Thank you!!!!!
You weren't the only one who had phpmyadmin used to exploit their
server.
There was a thread not too long back of another whose server was
hacked through some phpmyadmin script injection exploit.
For everyone who reads this:
Do Not run phpmyadmin on a forward-facing server!
It is for behind the firewall only! And even then to restricted users
over SSL protected by password.
-Ross
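As an added illustration (not code from this thread, nor from the CentOS, PHP or phpMyAdmin projects), a small POSIX shell helper that checks a php.ini for the allow_url_fopen setting Jim describes, switches it off, and prints an Apache 2.2-style <Directory> stanza applying Ray's "allow from", basic authentication and HTTPS advice to a phpMyAdmin directory, which is the "behind the firewall, restricted users, over SSL, password protected" setup Ross describes. It goes slightly beyond the thread by also checking allow_url_include. The sample php.ini is constructed inline; the paths /usr/share/phpmyadmin and /etc/httpd/conf/phpmyadmin.htpasswd and the 192.168.1.0/24 network are assumptions for the example.

```shell
#!/bin/sh
# Hypothetical php.ini / httpd hardening helper for the thread above.
# Not the project's own code; all paths and networks are assumptions.

# Constructed sample php.ini fragment, written to a temp file so this runs offline.
SAMPLE_INI=$(mktemp)
cat > "$SAMPLE_INI" <<'EOF'
; constructed sample php.ini fragment (not a real server's config)
[PHP]
allow_url_fopen = On
allow_url_include = Off
EOF

# php_ini_value FILE DIRECTIVE -> prints the effective value of DIRECTIVE
# (last uncommented assignment wins, as PHP itself does), or nothing if unset.
# Only the text before the first "=" is treated as the key.
php_ini_value() {
    awk -v key="$2" '
        /^[ \t]*[;#]/ { next }                    # skip comment lines
        {
            line = $0
            sub(/[;#].*$/, "", line)               # strip trailing comments
            if (split(line, kv, "=") < 2) next     # not an assignment
            k = kv[1]; gsub(/^[ \t]+|[ \t]+$/, "", k)
            if (k == key) {
                v = kv[2]; gsub(/^[ \t]+|[ \t]+$/, "", v)
                gsub(/^"|"$/, "", v)               # drop surrounding quotes
                val = v
            }
        }
        END { print val }' "$1"
}

# audit_php_ini FILE -> prints one finding per directive; returns 0 only if
# neither allow_url_fopen nor allow_url_include is enabled.
audit_php_ini() {
    rc=0
    for directive in allow_url_fopen allow_url_include; do
        v=$(php_ini_value "$1" "$directive")
        case "$(printf '%s' "$v" | tr 'A-Z' 'a-z')" in
            on|1|true|yes) echo "RISK: $directive is enabled"; rc=1 ;;
            *)             echo "ok:   $directive=${v:-unset}" ;;
        esac
    done
    return $rc
}

# harden_php_ini FILE -> rewrites both directives to Off in place (portable
# temp-file-and-move, no sed -i). On a real box point it at /etc/php.ini and
# restart httpd afterwards.
harden_php_ini() {
    tmp="$1.tmp"
    sed -e 's/^[[:space:]]*allow_url_fopen[[:space:]]*=.*/allow_url_fopen = Off/' \
        -e 's/^[[:space:]]*allow_url_include[[:space:]]*=.*/allow_url_include = Off/' \
        "$1" > "$tmp" && mv "$tmp" "$1"
}

# phpmyadmin_stanza CIDR -> prints an Apache 2.2-style stanza that limits
# phpMyAdmin to one internal network, requires TLS, and requires a basic-auth
# login. "Satisfy All" makes both the network and the login mandatory.
# The directory and htpasswd paths are assumptions.
phpmyadmin_stanza() {
    cat <<EOF
<Directory /usr/share/phpmyadmin>
    SSLRequireSSL
    Order deny,allow
    Deny from all
    Allow from $1
    AuthType Basic
    AuthName "phpMyAdmin (internal only)"
    AuthUserFile /etc/httpd/conf/phpmyadmin.htpasswd
    Require valid-user
    Satisfy All
</Directory>
EOF
}

# Demonstration on the constructed sample: audit, harden, audit again.
audit_php_ini "$SAMPLE_INI" || echo "-> hardening needed"
harden_php_ini "$SAMPLE_INI"
audit_php_ini "$SAMPLE_INI" && echo "-> php.ini now passes"
phpmyadmin_stanza 192.168.1.0/24
rm -f "$SAMPLE_INI"
```

The audit deliberately parses the file rather than trusting the `php -i` output, so it can be run from a cron job on a box where PHP may be mis-installed; the stanza pairs network restriction with a login because either alone is defeated by a single mistake (a wrong CIDR, or a leaked password).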