Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: one of my servers has been compromized

From: Javier Bassi <javierbassi () gmail com>
Date: Mon, 5 Dec 2011 18:57:44 -0300
In addition to the tips given (chroot, disable shell_exec,etc), you
should also use open_basedir with DocumentRoot as path on each
VirtualHost. In case of a compromise via webapp, this will reduce the
compromised zone in the filesystem to the DocumentRoot of one
VirtualHost instead of the whole chroot jail.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: