I am wanting to know if there is a way to stop files being uploaded to my vps, via ftp cpanel etc that are malicious..
I have been told there is a way to do this but i havent been told how..
Basicaly i want to know if there is something where i can add a list of keywords that are in the malicious files and what ever it is will stop them from being uploaded or if they manage to get uploaded onto my vps will it make them not work?
I am looking into this as i had an issue before where someone uploaded a shell onto my server :@ luckily it didnt cause no damage or he didnt get anywhere but i still want to be safe.
2nd time now server within 24hrs is down, not sure whats happening. Anyone with volumedrive facing same issues, or i am just being unlucky.
Am still awaiting a thorough reply to last nights downtime. If its server issue i need to know and fix it, but if its network issue, i still need to know to decide accordingly the best route. But am right now in a dark and does not help me much !
Sorry had to ask this publicly but its not VD thats losing money its me.
Now they stated this.. but im totally unsure what it means. If anyone knows. what section is for what... i only see the ip once, that they reported the spam come from 66.79.165.30.
Code: X-Apparently-To: x via 66.163.179.144; Wed, 26 Sep 2007 11:00:52 -0700 X-Originating-IP: [68.230.241.14] Authentication-Results: mta175.mail.re2.yahoo.com from=cox.net; domainkeys=neutral (no sig) Received: from 68.230.241.14 (EHLO fed1rmpop110.cox.net) (68.230.241.14) by mta175.mail.re2.yahoo.com with SMTP; Wed, 26 Sep 2007 11:00:52 -0700 Received: from fed1rmimpo01.cox.net ([70.169.32.71]) by fed1rmmtao105.cox.net (InterMail vM.7.08.02.01 201-2186-121-102-20070209) with ESMTP id <20070926175141.MUBZ11358.fed1rmmtao105.cox.net@fed1rmimpo01.cox.net>; Wed, 26 Sep 2007 13:51:41 -0400 Received: from fed1wml11.mgt.cox.net ([172.18.180.10]) by fed1rmimpo01.cox.net with bizsmtp id t5re1X00W0DrMWL0000000; Wed, 26 Sep 2007 13:51:39 -0400 Received: from 66.79.165.30 by webmail.west.cox.net; Wed, 26 Sep 2007 13:51:38 -0400 Date: Wed, 26 Sep 2007 10:51:39 -0700 From: UK NATIONA LOTTERY <gailpmm@cox.net> Reply-To: mrsjuliaelm@hotmail.com Subject: Congratulation! you have won MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) Sensitivity: Normal
I log in to FTP and I try and upload an updated file (the file already exists on server). It prompts me to overwrite and I say yes but when I refresh/check the site the page hasnt changed - I then tried uploading the file again and it still says the existing file size (so I know it hasnt been replace).
Any idea why it it not overwriting?
The files are CHOWNed my the owner (FTP user) which is myself.
I uploaded my file to web server(html, image file and css file), but strangely after uploaded it to server all file that I uploaded size 0 KB. I uploaded it using WS FTP.
I used to have my apache 1.3.37 with PHP compiled as a CGI. Whenever i have a php script (say vbulletin forum software) that allow file uploads, files will be uploaded with the correct userid and groupid on the server. However, once i compiled PHP as ISAPI module, the files will be uploaded but will be owned by 'nobody'. Of course i can log in as root and chown it back to the right user, but it's a hassle if there are multiple user accounts on the server and they're using php software on their end. If someone is using an ftp program and tries to overwrite that uploaded file that's owned by nobody, it will not let them do so. Is there a way to fix this, or change the config files that would fix it?
I have a dedicated server, the server itself is secure (as far as I know) and I run lots of my sites from it. I offered a friend hosting for his flash based chat application he built.
Today I was contacted by someone; "Are you the owner of xxxx.net?" so I informed that yes, it was my server and they then showed me an email they'd received from my server. I did a search and apparently someone uploaded mail.php and a couple of files it was using to send out spam based upon a variety of conditions that the other files met. The files contained forenames and surnames, it'd use a forename and a surname then send it to popular free mail services. The email contained ramblings about new world order and promoted a website.
How can I find out how they got the files uploaded to the account and what action can I take? I checked the whois for the domain and have their contact information, however it's a large site so I'm doubtful that the owner did it. I don't want my servers IPs being blacklisted for spam :|
I have a RHEL 4 plain server, and im using vsftpd server, i can not find an option to specify the max size for uploading files... does anybody know something about this?
I've recently started experiencing some issues where files uploaded through Joomla or some other scripts (mostly PHP) inherit a permission of 600. Prior to updates being done on the server I'm hosted on, uploaded files received 644 permissions and all things worked great.
I've checked the umask that assigned to the shell (022) and have ruled out that as a problem.
This is the scenario, domain.com are setup on server1, however server2 also has the same profile of domain.com as we use ns3 and ns4 using domain.com. This works fine with the nameserver setup on server2.
However I encounter problems as the emails from server2 won't reach server1 as there are duplicate profile on server2.
My question is how do I setup the DNS in cpanel/whm from server2 so the emails from server2 will reach server1?
I have 2 servers both have cpanel. I want to use 2nd server's mysql in my site which is on 1st server. I think thats not that hard. I don't wanna do clustering as this is temproary.
if it's possible to use ODBC to connect to a Windows box from a Linux cPanel server. We have attempted connections from PHP (both as CGI as well as Apache module) and we get: Fatal error: Call to undefined function odbc_pconnect() in...
and
Fatal error: Call to undefined function odbc_connect() in...
