david_2911
asked on
Rajoul_mok was here Backdor PHP
yesterday my server was hacking using a backdor php script, on source code can be read comments like "Rajoul_mok was here" and "http://emp3ror.com/kira//update/"
my server is linux fedora 8, apache httpd-2.2.4 and php-4.4.8.tar
my mistake was let empty the follow line on php.in
disable_functions =
now I changed it for:
disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open, allow_url_fopen
Do I need another change on my server? how can I check if there are others scripts?
my server is linux fedora 8, apache httpd-2.2.4 and php-4.4.8.tar
my mistake was let empty the follow line on php.in
disable_functions =
now I changed it for:
disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open, allow_url_fopen
Do I need another change on my server? how can I check if there are others scripts?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.