[IrPr]

Quote:

Originally Posted by grniyce

I did everything you said and then I had a friend find some of the most common scripts that cause trouble, and we uploaded them to a mock site we setup and they were stopped dead in their tracks. Furthermore, CSF blocked the ip's automatically via LFD. I am truly amazed and overwhelmingly thankful for your help!

The only question I have is:

I signed up on that site, but how would I import/apply these rules? I have WHM and the latest CSF.
http://downloads.prometheus-group.co...-latest.tar.gz

Thank you once again for your contribution. I cannot say how thankful I am in words.

Sincerely blessed from receiving your help,

Anthony Jordan

Welcome dude

About mod_sec rules im using JIT and rootkit right now, but i think Tony is more familar with those rules

Quote:

Originally Posted by DraCoola

Still no luck.
Because fantastico need php_uname, shell_exec, and system are enable on php.ini.
So the c99 can ls, ls -al, and cat accross to other vhost again

Quote:

Originally Posted by Tony

Fantastico should be using cPanel's PHP not the system one. So you should not have to enable those functions for fantastico to work properly. If it's using the system PHP you should run /scripts/makecpphp and it'll rebuild the cpanel php.

Fantastico uses the main php.ini file located /usr/local/lib/php.ini while LS uses LSPATH/lsphpx/lib/php.ini by default

PS: I strongly suggest disabling Fantastico if you can because of lots of vulnerabilities
Examples: http://www.milw0rm.com/exploits/6461 or http://www.milw0rm.com/exploits/6897