Hello all,
One place I do work for is having trouble with Hacker activity.
Let's face it, there are hacker's out there trying to take down systems.
The specific issue I'm seeing is .php files vanishing from the web server.
This is annoying and I'm wondering if any others are seeing anything
Hi David,
Are you sure the .php files are being removed by a malicious actor? Are there
log entries or other traces that indicate an exposure to an exploit? To remove
files from a system would leave traces of
activity, even remotely and subsequent tampering to cover it up is usually
clumsily
Files are definitely being deleted.
Which log would I look in ?
It's a common Linux cpanel hosting plan.
On Tue, Jun 2, 2015 at 3:01 PM, gr0ve gr...@exemail.com.au wrote:
Hi David,
Are you sure the .php files are being removed by a malicious actor? Are
there log entries or other traces