Tagged Questions
1 vote, 4 answers, 156 views
How to detect credit cards harvested from memory?
Had a chat recently with a PCI compliance specialist and came to realize there is a way to steal raw data from Apache / Nginx memory, e.g. credit cards. It's called "harvesting" and is becoming pretty common.
...
-1 votes, 2 answers, 55 views
LAMP Stack Tiers - why?
What are the vulnerabilities mitigated by a tiered LAMP stack? As I understand it, any breach would allow access to the database even if it was tiered. What's the benefit?
Are we better to ...
0 votes, 0 answers, 17 views
trackback spotted in multiple http errors
[Sun May 11 12:24:46 2014] [error] [client private ip] [X_FORWARDED_FOR 27.159.207.165] Path not found: /contact_us_public.php/trackback/, referer: http://www.mydomain.net/contact_us_public.php
Does ...
0 votes, 1 answer, 61 views
Dangers of PHP uploading word docs into a quarantine
I plan to write a PHP script which will allow web users to upload MS Word formatted docs. Here are the precautions I am taking:
Filenames will be created by me (something like YYYY-MM-DD.doc)
Files ...
5 votes, 3 answers, 955 views
How to access directories disallowed in robots.txt?
While scanning my website with uniscan it found my robots.txt file which disallows access to /cgi-bin/ and other directories, but they are not accessible in browser. Is there a way to access the ...
3 votes, 3 answers, 134 views
Is a web app safe in a non-public folder?
I'm wondering if it's really safe to use this structure for my web application.
WEBAPP
Application
Controllers
Models
Views
...
Framework
...
...
0 votes, 2 answers, 201 views
Was I a victim of an “Apache PHP Remote Exploit” attack?
I have a server in my computer for testing purposes, accessible from the outside.
I was reviewing the access.log file, and I saw
89.187.33.50 - - [29/Mar/2014:03:39:01 +0100] "HEAD / HTTP/1.0" 200 -
...
1 vote, 1 answer, 167 views
Have I done enough not to be compromised through image uploading?
I know that you can never be sure that you have done enough to be secure, and I also know that file uploading is hard to make correct. Before asking this question I read some of the related posts here ...
0 votes, 0 answers, 18 views
Someone is making this request to the php cgi on my apache2 server, what does it mean/do? [duplicate]
These are the query parameters the hacker is trying to POST:
...
1 vote, 1 answer, 223 views
VPN Client - Additional Security Layer or a Useless Feature?
I have a corporate web portal which is used for staff collaboration including a web-based mail interface connected to MySQL Database, corporate calendar, file storage, customer contacts data with ...
1 vote, 1 answer, 243 views
www-data is sending rogue mails through sendmail. How do I find the source?
So I have an Ubuntu server hosting a PHP-based web site for me. Some of the services rely on sendmail being configured. I have set it up to send through my GMail account.
As of yesterday ~19:00 CET, ...
4 votes, 2 answers, 189 views
If Apache is configured to parse PHP can users see PHP source code?
If Apache is configured to parse PHP and not to allow indexing of files, are there other ways users can see PHP source code, either with or without intention?
1 vote, 1 answer, 203 views
Edit virtual host file using php [closed]
I have a php application and some things related to the application need changes to the vhost.conf file.
Presently I'm making the changes manually. But I would like to automate it using a php script.
Is ...
0 votes, 3 answers, 795 views
How to find vulnerable sites on a web server
A client of mine has a managed VPS with dozens of websites on it, maybe even hundreds.
Now his server keeps getting infected on a regular basis.
The webhost / server admins keep digging in the dark. ...
-3 votes, 1 answer, 374 views
Cross-site request forgery attack. How can we stop this? [closed]
On one of our websites, we are seeing this code adding itself. I tried to figure it out but had no success. One thing I have noticed: when I removed the html, head and body starting tags, it's gone.
Our ...
6 votes, 1 answer, 416 views
Is enabling PHP script execution on HTML document file extensions a security concern?
I am working on a very old and messy site, which doesn't have a CMS, or a database. However, it has a lot of .htm and .php files. I need to add some PHP code to some of the .htm files, but want to ...
14 votes, 2 answers, 778 views
PHP attack string in access logs
So one of the Invision Power Board installations on my server was recently compromised. I found what seemed to be the attack (using PHP in the query string and carefully crafted cookies), and I ...
2 votes, 1 answer, 185 views
unix malicious scripts/ksh execution
I'm wondering whether my architecture poses a security risk.
Details:
The whole website is not ROOT owned but still, the APACHE user used instead has some pretty advanced permissions.
I have a ...
5 votes, 1 answer, 325 views
Using sudo to secure git deployment via web script
I'm setting up a server to do automatic deployment from a Bitbucket git repository, using Bitbucket's postback facility.
Briefly, how it works is:
I commit to Bitbucket
Bitbucket POSTs to a ...
3 votes, 4 answers, 365 views
Safari downloaded my php source once. Should I worry?
I uploaded via ftp, then typed in the URL of the script to Safari; Safari downloaded the source!!
This hosting site has never done that before - .php scripts have always executed.
I can't duplicate ...
4 votes, 1 answer, 705 views
172.16.33.197, 127.0.0.1 IP addresses in visitor logs
I have a website running Apache and PHP. I see that there are visitors with IP addresses 172.16.33.197 and 127.0.0.1. These addresses do not belong to our network. I get the visitor IP addresses with ...
0 votes, 2 answers, 847 views
Running Apache as system service on Windows 2003 R2 64-bit
Trying to make my point, that running Apache with PHP5 module as Windows service is not secure.
All I got to prove it - FTP access to some internal website.
So what I did - I uploaded file test.php ...
6 votes, 2 answers, 187 views
HTTP daemon and Webroot permissions
We have a contracted web developer that uses deployment scripts to update and deploy web sites. In order for them to work they require write access to the whole webroot through the httpd user.
I have ...
0 votes, 3 answers, 2k views
How to filter POST requests before they reach PHP on Apache?
I have done URL filtering with .htaccess (using learning and generator), however I am still concerned that any POST request can be submitted to the PHP even if there is only one POST form on the website, ...
2 votes, 2 answers, 283 views
How to properly secure OO PHP CMS?
I have an OO PHP application which serves pages as well as doing payment card processing via an external RBS payment gateway. There is also a reporting database. The problem is when somebody exploits this PHP, ...
5 votes, 4 answers, 1k views
Server wide javascript injection
UPDATE: The server was rooted; php.ini was replaced, which caused the injection to appear. Still haven't figured out which directive is injecting the javascript.
I'm troubleshooting a hacked website ...
9 votes, 4 answers, 6k views
How safe is it to install XAMPP on my home computer to test PHP code?
I want to test some PHP code and I figure the best way is to install XAMPP - but I'm nervous about installing server software on my home computer.
Is it generally safe to install XAMPP (given that I ...
9 votes, 2 answers, 1k views
Securing my web-server / website [closed]
Does anyone know of a comprehensive security guide about important basics / fundamentals which should be done to secure a web-server / website? A web link would do.