Re: [mod-security-users] Fwd: Mod sec rules
From: Reindl H. <h.r...@th...> - 2014-06-19 20:02:29
On 19.06.2014 21:52, Matt wrote:
> Lately I've been having some security issues with a software I am using, I believe the software might have some type of exploit that allows files to be uploaded to its root directory. I don't want to say the name of the software at this point until that vendor has fully checked into it, but as a temporary solution I thought it might be possible to restrict file names of PHP files that are allowed to run under my cpanel account. Is this possible?
>
> i.e. if the attacker does upload a file called "shell.php", they won't be able to run it if it doesn't match a file name in the list of allowed PHP files

that's nonsense - filter based on filenames never can work
if i want to attack you i will succeed by rename - period

if a software seems to allow uploads to the root-directory shut down that damned piece of software or at least disable uploads completely

for the sake of *anybody* out there who gets attacked by compromised servers all day long caused by people trying to work around and repair things which are just broken because of no understanding of security

an application firewall's job is to mitigate the attack surface in general but not to fix known broken software