yesterday my server was hacking using a backdor php script, on source code can be read comments like "Rajoul_mok was here" and "http://emp3ror.com/kira//update/
my server is linux fedora 8, apache httpd-2.2.4 and php-4.4.8.tar
my mistake was let empty the follow line on php.in
now I changed it for:
disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open, allow_url_fopen
Do I need another change on my server? how can I check if there are others scripts?