[GeoStL] hack info
- From: "Mike Griffin" <griff@xxxxxxxxxxxx>
- To: <geocaching@xxxxxxxxxxxxx>
- Date: Sat, 27 Aug 2005 18:21:55 -0500
Here's whats up....
This happened to us in February... the hackers used a security hole in phpBB2.
I had to replace the index files for 120 sites from our nightly backup. After
updating to the latest PHP and additional packages, the server is safe again.
You should have a look through your Apache log files. Search for
"system(chr(101)" or "echr". Usually these kind of requests indicate an attack.
You might want to secure your server using something like mod_security:
http://www.modsecurity.org
Mike
Other related posts:
