spacer.png, 0 kB
Members: 3227
News: 1346
Web Links: 2
We have 10 guests online

spacer.png, 0 kB
 spacer.png, 0 kB

Latest News

Popular

Home arrow All Articles arrow Web Hosting Articles arrow How to stop the PHPSHELL on windows2003
How to stop the PHPSHELL on windows2003 Print E-mail
How to stop the PHPSHELL on windows2003
Wirte by :BlueStar(China)

1.stop the PHPSHELL go to other path
We should lock PHPSHELL on the VirtualHost,and the the PHPSHELL can not go anywhere but the virualhost.there are two methos
The first methos:if your VirtualHost path is E:\yourweb\home,open your “http.conf”,and write: php_admin_value open_basedir E:\yourweb\home
The two methos :open your “php.ini”,and find “openbase_dir”,kill the “;” change it to: open_basedir=” E:\yourweb\home”
The two methos can lock PHPSHELL on the VirtualHost path,by the way ,I preffer the second to first,
at last ,find” allow_url_fopen”,and let it “off”,this is stop to away use file,call “include file”

2.stop PHPSHELL Command
The PHPSHELL command is go muse use that is “passthru,exec,shell_exec,system”
Many persons offen make “safe_mode” on,and they think it is so safely,but at fact,it is not so!many methos can command on “safe mode on”,like “errorlog”! so you have better open “php.ini”,and do it “disable_functions= passthru,exec,shell_exec,system”,and then the “passthru,exec,shell_exec,system” can not work,the PHPSHELL command is also work to!

3.turn off errors
We must turn off “errors”,if you test your phpsystem,you could turn of “errors”,when you put your phpsysterm on the internet ,you should turn off,some “errors” will help hacker to hack your phpsystem. “magic_quotes_gpc = On” ,if you don’t like change to “\”,you should “magic_quotes_sybase = On”,enjoy it!




4.close upload
many PHPSHELL go to your system with “upload”,so you find “file_uploads = On” in the “php.ini”,and turn it off.but the “http” can not upload.
5. windows system config
in the windows2003, the Apache work on Administrator,it is not safe ,we must build user,and let the Apache work with “user”
6.Sorry for my poor English,and I come form China,if somebody want to make friends with me ,welcome,my MSN is This e-mail address is being protected from spam bots, you need JavaScript enabled to view it I hope to http://www.governmentsecurity.org/forum/index.php the BBS ID,I want to chat about with you.thanks



Related Items:
 
< Prev   Next >
[ Back ]
© 2008 DataStronghold.com
Joomla! is Free Software released under the GNU/GPL License.
 spacer.png, 0 kB
spacer.png, 0 kB
spacer.png, 0 kB
 spacer.png, 0 kB
ss_blog_claim=69052e837be509b449eef698573ca058