|
|
|
|
|
|
by static_cast
5447 days ago
|
|
|
If I'd like to "hack" a LAMP-Server I certainly wouldn't start by attacking Apache or PHP. The biggest attack vector are outdated scripts. Once an attacker has access to PHP, he basically has a normal user login. Running PHP as the apache user gives the attacker full read access to all your web-folders. If I where him, I'd put 2 lines code into the PHP-Webmail script to send me your e-mail logins and from there I can research further... using fastcgi for php, block/log outgoing traffic per uid/gid, disable sockets for php uids, use suhosin to disallow certain php calls, nosuid,noexec webroot/tmp nothing really protects you against a mildy creative attacker... I'm a sysadmin for a dozen LAMP shared hosting sites used by non-tech users and keeping these things secure is a major pain in the ass. especially if your users want to use these riciolous unsecure php scripts. joomla die in a fire... I'm sorry disabling version numbers is good idea but calling it "securing" your server is idiotic. /rant |
|
|