Support

bt5 · #1 05-24-2012, 06:30 PM

Hello,

i cand find DisableCgiOverride
"DisableCgiOverride On" in Apache Style Configurations (Admin Console -> Configurations -> Server -> General).

i have add

<IfModule litespeed>
DisableCgiOverride On
</IfModule>
to httpd.conf file
but perl script is working yet

<Directory "/">
Options -ExecCGI -FollowSymLinks -Includes IncludesNOEXEC Indexes -MultiViews SymLinksIfOwnerMatch
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,Includes,MultiViews ,SymLinksIfOwnerMatch,FollowSymLinks
</Directory>

perl script work with
perl.tttt

and they add this for .httacess
Options FollowSymLinks MultiViews Indexes ExecCGI

AddType application/x-httpd-cgi .back

AddHandler cgi-script .tttt
AddHandler cgi-script .tttt

how i can disable it

NiteWave · #2 05-24-2012, 08:11 PM

Quote:

Options FollowSymLinks MultiViews Indexes ExecCGI

try: modify it to
Options FollowSymLinks MultiViews Indexes -ExecCGI

bt5 · #3 05-25-2012, 04:46 AM

not fixed !!!

bt5 · #4 05-25-2012, 09:39 AM

is there any way to stop this

NiteWave · #5 05-25-2012, 08:39 PM

not clear about your environment.

Quote:

and they add this for .httacess

what's the relationship between "they" and you.

just for an suggestion: you can set /usr/bin/perl 's permission to disable the ability of user running perl cgi script.

bt5 · #6 05-26-2012, 04:29 AM

they are a hacker, if they run cgi and can break server security
by change chmod perl alo they can upload new perl file
and they change line 1 of perl script to new perl file
#!/home/user/public_html/perl
like this

NiteWave · #7 05-26-2012, 11:16 PM

now a bit more clear about your environment.

one more question: is this account belonging to this hacker ? so he can edit .htaccess file. yes, if someone can edit .htaccess, it's very difficult to prevent him to do anything bad further.