Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Web hosting security question
Special Forums Cybersecurity Web hosting security question Post 302543816 by sysgate on Tuesday 2nd of August 2011 06:57:56 AM
Old 08-02-2011
Sorry, I'm not going to download all these web resources, just to check what they might possibly do. It's some sort of root access acquisition attempt or similar, but what's most important is that you should secure your site.

Hosting companies do not often offer support on private owners issues like security, but rather they are responsible only for the hosting environment, though some UAP might suggest proactive measures being undertaken in order to avoid bigger incident.
Back in my security officer days, I have personally disabled / renamed insecure customer scripts / pieces of code, as spammers, for example, are very keen to use them in a short periods of time, which usually causes this particular hosting server to get blacklisted at major providers.

So, bottom line - inspect your site, if you are sure (got a confirmation) that this is isolated issue, and not a hosting env. one.
 

4 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Web page hosting

I built my website based on Dreamweaver, on Windows platform. My server uses Unix, and the page doesn't look too good. Is there any way to solve this problem without too much of a headache? (1 Reply)
Discussion started by: PCL
1 Replies

2. Cybersecurity

Web hosting security

Hello, guys ! The company I work for has a few web hosting servers and I'd like to know how can I secure the servers a little bit ? The situation is like this: Apache runs as nobody so all users can run scripts as nobody. This is a big security problem beacause if I have an account on the... (4 Replies)
Discussion started by: Sergiu-IT
4 Replies

3. Web Development

ASP.NET 5 Application on Centos OS7 Web Hosting Server

Hi All, Frankly I'm new to Linux Environment. While we are trying to Host an ASP.NET 5 Web Application on Centos OS7 Web hosting Server. There were couple of steps which we are supposed to go through, please see this link - We are stuck at Create a Container & then Running the Container,... (1 Reply)
Discussion started by: John Fredric
1 Replies

4. Shell Programming and Scripting

Ldap connection after hosting on Web Server

Hi.. I have very limited knowledge on LDAP and its configuration and but I have been trying to figure out one issue that takes place when I am running the program that is written in php, but so far its unsuccessful. The server, I am working on is ldap server, which is running on Apache. After... (1 Reply)
Discussion started by: GomathiUoM
1 Replies

LEARN ABOUT PHP

is_uploaded_file

IS_UPLOADED_FILE(3)							 1						       IS_UPLOADED_FILE(3)

is_uploaded_file - Tells whether the file was uploaded via HTTP POST

SYNOPSIS

       bool is_uploaded_file (string  $filename)

DESCRIPTION

	Returns  TRUE  if the file named by $filename was uploaded via HTTP POST. This is useful to help ensure that a malicious user hasn't tried
       to trick the script into working on files upon which it should not be working--for instance, /etc/passwd.

	This sort of check is especially important if there is any chance that anything done with uploaded files could reveal  their  contents	to
       the user, or even to other users on the same system.

	For  proper  working,  the function is_uploaded_file(3) needs an argument like $_FILES['userfile']['tmp_name'], - the name of the uploaded
       file on the client's machine $_FILES['userfile']['name'] does not work.

PARAMETERS

	      o $filename
		- The filename being checked.

RETURN VALUES

	Returns TRUE on success or FALSE on failure.

EXAMPLES

       Example #1

	      is_uploaded_file(3) example

	      <?php

	      if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
		 echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.
";
		 echo "Displaying contents
";
		 readfile($_FILES['userfile']['tmp_name']);
	      } else {
		 echo "Possible file upload attack: ";
		 echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
	      }

	      ?>

SEE ALSO

       move_uploaded_file(3), $_FILES, See Handling file uploads for a simple usage example..

PHP Documentation Group 												       IS_UPLOADED_FILE(3)
All times are GMT -4. The time now is 12:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy