Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Web hosting security question
Special Forums Cybersecurity Web hosting security question Post 302543502 by agriz on Monday 1st of August 2011 03:40:11 AM
Old 08-01-2011
Web hosting security question
Hi,

Recently my has been hacked. A .pl script has been uploaded in the root of the directory, which uploaded lot of unwanted files and changed their file permission to 777.

I have no clue how did they upload that .pl file in my hosting.
Website is in shared hosting. Could they access my web root from other website which hosted in the same server?

Or any idea how could they reached my site root?
 

4 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Web page hosting

I built my website based on Dreamweaver, on Windows platform. My server uses Unix, and the page doesn't look too good. Is there any way to solve this problem without too much of a headache? (1 Reply)
Discussion started by: PCL
1 Replies

2. Cybersecurity

Web hosting security

Hello, guys ! The company I work for has a few web hosting servers and I'd like to know how can I secure the servers a little bit ? The situation is like this: Apache runs as nobody so all users can run scripts as nobody. This is a big security problem beacause if I have an account on the... (4 Replies)
Discussion started by: Sergiu-IT
4 Replies

3. Web Development

ASP.NET 5 Application on Centos OS7 Web Hosting Server

Hi All, Frankly I'm new to Linux Environment. While we are trying to Host an ASP.NET 5 Web Application on Centos OS7 Web hosting Server. There were couple of steps which we are supposed to go through, please see this link - We are stuck at Create a Container & then Running the Container,... (1 Reply)
Discussion started by: John Fredric
1 Replies

4. Shell Programming and Scripting

Ldap connection after hosting on Web Server

Hi.. I have very limited knowledge on LDAP and its configuration and but I have been trying to figure out one issue that takes place when I am running the program that is written in php, but so far its unsuccessful. The server, I am working on is ldap server, which is running on Apache. After... (1 Reply)
Discussion started by: GomathiUoM
1 Replies

LEARN ABOUT PHP

is_uploaded_file

IS_UPLOADED_FILE(3)							 1						       IS_UPLOADED_FILE(3)

is_uploaded_file - Tells whether the file was uploaded via HTTP POST

SYNOPSIS

       bool is_uploaded_file (string  $filename)

DESCRIPTION

	Returns  TRUE  if the file named by $filename was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried
       to trick the script into working on files upon which it should not be working--for instance, /etc/passwd.

	This sort of check is especially important if there is any chance that anything done with uploaded files could reveal  their  contents	to
       the user, or even to other users on the same system.

	For  proper  working,  the function is_uploaded_file(3) needs an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded
       file on the client's machine $_FILES['userfile']['name'] does not work.

PARAMETERS

	      o $filename
		- The filename being checked.

RETURN VALUES

	Returns TRUE on success or FALSE on failure.

EXAMPLES

       Example #1

	      is_uploaded_file(3) example

	      <?php

	      if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
		 echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.
";
		 echo "Displaying contents
";
		 readfile($_FILES['userfile']['tmp_name']);
	      } else {
		 echo "Possible file upload attack: ";
		 echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
	      }

	      ?>

SEE ALSO

       move_uploaded_file(3), $_FILES, See Handling file uploads for a simple usage example..

PHP Documentation Group 												       IS_UPLOADED_FILE(3)
All times are GMT -4. The time now is 03:29 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy