Le Wed, 26 Feb 2014 15:09:49 -0300 Leonardo Coelho <leonardoscoe...@gmail.com> a écrit:
>Hello List, > >I got second time hacked on a server only running GLPI, inside of >apache structure i have /var/www/html/glpi/ajax/0jh234781. > >The server is on the linode infrastructure. The first time my server >was used for a Mexico bank phishing website and the second one a bank >from Chile phishing website. > >I re-install the server but it seems a bug on the ajax scripts on the >glpi. > >Can anyone help with that problem? I still got the phishing website if >anyone needs to look for evidence to find the solution. It's simple, apache may not have right to write in folders other than glpi/files. If you have file '0jh234781', apache have right to write into this folder. So remove this right and will be better. However, seems a problem, we need : 1/ know your GLPI version 2/ get creation date of this file '0jh234781' 3/ get lines in apache access log for this date With this we will be able to see more where is the problem. Best regards, David Durieux ++ >Thanks in Advanced, >Leonardo Coelho _______________________________________________ Glpi-dev mailing list Glpi-dev@gna.org https://mail.gna.org/listinfo/glpi-dev
