• Home
  • About
    • About Us
    • Our Team
    • Case Studies
  • Services
    • E-Commerce Solutions
    • Mobile Application Development
    • Web Development / Enhancement
    • WeChat Official Account for Business
      • WeChat Subscription Account
      • WeChat Service Account
      • WeChat Mini Program
      • Our Clients
    • Internet Marketing & Advertising
    • Web Hosting & Domain
  • Coding Academy
  • Blog
  • Contact Us

Secure Your Shared Hosting

December 25, 2017

  • 0 Comments
  • Bravo Net
  • Security, Tips & Tutorial, WordPress

Recently we’ve been attacked by hackers due to some of the vulnerable WordPress site that hosted in our server. Hackers manage to inject backdoor shell scripts that are able to crack our cPanel password, change other opensource site’s admin password, and access to all our hosting account’s web files. According to the hacker codes that we manage to grab from the hacked folders, they are rely on PHP shell functions in their backdoor codes. We did research online, and below is what we found out.

In order to harden your PHP server security you should disable the following functions in your PHP.ini.

exec, passthru, shell_exec, system, proc_open, popen, apache_child_terminate, apache_setenv, define_syslog_variables, pcntl_exec, openlog, posix_getpwuid, posix_kill, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_open, proc_terminate, syslog

How to do it?

If you are hosted under shared hosting, please contact your webmaster to disable them.

If you own a shared hosting server, please go to our server control panel and look for PHP.ini, search for the keyword disable_functions=””. Insert the above functions that mentioned within the double quote. Save it and restart your server.

Post Views: 404

Post navigation

← Previous Post Previous post:
Next Post → Next post:

About Author: Bravo Net

All Comments


    Write a Comment

    Cancel

    ABOUT US

    Bravo Net Solution is a digital agency dedicated to building a better internet by providing innovative solutions to clients with the vision to have their businesses connected to the digital world.

    FIND US

    Address
    Unit 1009, Lobby 3, 10th Floor, Block A,
    Damansara Intan, Jalan SS20/27,
    47400 Petaling Jaya, Selangor Darul Ehsan
    Malaysia

    Hours
    Monday—Friday: 10:00AM–6:00PM

    Contact
    Tel: +6011 2020 9588
    Email: [email protected]

    Quick link

    E-Commence Solutions

    Mobile Application Development

    Web Development / Enchancement

    WeChat Development Services

    Internet Marketing & Advertising

    Web hosting & domain

     

     

     

     

    ©Copyright 2017 Bravo Net Solution, a wholly owned subsidiary of Sapiens Technologies Sdn Bhd. All Rights Reserved.

    FacebookLinkedin
    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok