Tag Archives: security - Page 2

Apache, PHP, SuEXEC: added security and control

suhosin
As we know from original article using Apache, PHP in CGI mode along with suExec gives us 2 important security advantages:
– suExec allows to run PHP process with (only) the file owner user privileges, enforcing proper permissions on PHP scripts and thus allowing to avoid cross-site exploits on the server that is running multiple dynamic web sites;
– per site php.ini.
That gives some unique opportunities for securing separate web sites on the server.
Read more »

Please follow and like us:

Using lsof to find trojan processes on Linux.

In my previous post I was telling about checking for programs using network on Linux using lsof tool.
Here I have “live” example of such backdoor found on one of our servers.
Read more »

Please follow and like us:

Looking for the backdoors or performance bottlenecks with lsof

When server is compromised via some PHP script security hole intruders are getting relatively low level of access to the server. Although its enough to install PHP shell script or start some backdoor network daemon or proxy server or network scanner.

Lets see if we can find them
Read more »

Please follow and like us:

.htaccess anti-RFI mod_rewrite rules

RFI – Remote File Inclusion (or “nesting” – though last term is not so widely used, and it’s not the same as XSS I beleive) is very serious security threat – especially in webhosting environment where there is no time and manpower available to audit and vet all customers PHP scripts. Let’s see if there are other ways to reduce the threat

Read more »

Please follow and like us: