One thing I hate about some hosting companies is that they have Robust Exceptions switched on, but what concerns me even more is that they don't care that this is a security risk... If your hosting company is one of them, get in their ears about having it switched off.
If they refuse then its time for a change. Also as a caution not a rule, if your lucky enough to have the time, look into using any framework that supports MVC and SES rewrites, this has stopped them in their tracks as they are not able to run the uploaded code. Not with ease at least anyway. Still I am not sure how they are uploading these files, as there is nothing in the logs that indicates this. I am guessing that something else on the server is compromised and because they are able to and do look for exceptions being displayed to the screen they now know where to start spreading their malware. My guess is there is an exploit still know and not public that is bypassing all sand boxing at the moment. -- Regards, Andrew Scott WebSite: http://www.andyscott.id.au/ Google+: http://plus.google.com/113032480415921517411 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354445 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm