fail2ban also helps
On 04/01/12 21:13, AJ McKee wrote:
> Hi Kieran,
>> Best list for such questions is the php users groups, php.ie
>> But here are a few tips;
>> 1. Set max exception time to a low setting
> 2. Change the post_max_size and max_input_time
> 3. If you control the servers, consider putting mod_security on either an upstream reverse proxy or on the hosts themselves
> 4. Always, always, always mount /tmp /var/tmp with no exec
> 5. Download your logs or better remote log
> 6. Filesystems mount with ACL options in stab are a must
> 7. BACKUPS
>> In short there are a lot of things you can be doing here. If you have been hacked, get all the open net connections, get all logging information, get as much info as you can from the host. Take it offline, as you don't want to be used as a bounce host towards someone else.
>>>>> On Wednesday 4 January 2012 at 21:50, Kieran O'Sullivan wrote:
>>> Hi
>> I running two drupal 5.5 (yes I know its old but it works) web sites on
>> linux and so far I haven't been hacked. I have followed all of the drupal
>> guidelines for security.
>>>> I am looking for anyone one who has experience with linux/apache/drupal to
>> give me more advice especially if you have been hacked.
>>>> Thanks.
>>>>>>>>>> --
>> Irish Linux Users' Group mailing list
>> About this list : http://mail.linux.ie/mailman/listinfo/ilug>> Who we are : http://www.linux.ie/>> Where we are : http://www.linux.ie/map/>>>>>
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
