Questions? Start a Support Ticket
User Registration
Customer Login

Knowledgebase

Portal Home > Knowledgebase > Articles Database > How to save ny server from c99 script upload


How to save ny server from c99 script upload




Posted by naziaaa, 04-12-2012, 02:31 PM
Few days ago one of my vps account got hacked. I found that someone uploaded c99 script on my server and deleted all the files using that script. After a lot of searching i found some tips. SOmeone told me to off the safe mood. But if i turn off the safe mood many cms will not work correctly. Then what i have to do to protect my server?
Posted by AdmoNet, 04-12-2012, 02:33 PM
Hello, There are many ways to protect your VPS. You may want to find the source of the vulnerability in your web application that is allowing the script to be uploaded. Check your web logs, FTP logs (for a simple password they may be using) and make sure that your applications are updated to the latest current stable versions. Also try iscanner and maldet to figure out what may be infected. They are getting in somewhere, most likely an old wordpress install etc. Good luck!
Posted by Infinitnet, 04-12-2012, 07:03 PM
If you don't have much experience, it would be your best shot to get hire someone to audit and secure your server properly. As AdmoNet said, you should of course also check your logs (access logs at least) and run something like maldet.
Posted by Lincxu, 04-13-2012, 03:40 AM
The first thing I would check is if the cms has any popular security holes and fix then check server end as suggested above.
Posted by mellow-h, 04-13-2012, 06:24 AM
One of the lesson I have learned is you can not stop intruders from uploading c99 in your server until you keep your cms updated and the password secure. When it is uploaded, you can help other users to be protected by not letting them browse anything with "public_html" using mod_security. This is not a full proof protection, but most of the cases I have seen it saves attacks from lots of kids. Good luck.
Posted by jackpx, 04-13-2012, 12:23 PM
http://www.configserver.com/cp/cxs.html
Posted by WebHostDog, 04-13-2012, 12:59 PM
Best way is to use mod_securty for Apache with the latest rules and configure it correctly.
Posted by PCS-Chris, 04-13-2012, 01:19 PM
What CMS are you using? Safe_Mode isn't necesarry and nobody has been using it for a long time, the same goes for Register_Globals. These are old deprecated PHP functions. Unless you have some weird custom made script, install the latest updates and it should be able to function in a secure, recent release of PHP.


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
eprohosted.com (Views: 773)
Good Reseller (Views: 706)
Looking for a simple Reseller Hosting (Views: 713)
good rules for mod security / apache 2.2x ?? (Views: 689)
Need Windows reseller account, preferably Helm. (Views: 727)


Language:

Our Services

Client Menu

Legal

Terms of Service | Privacy Policy | Refund Policy | Affiliates
Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.