Since you've professed a renewed confidence, this may be quite moot, but you
can always look at mod_security which will, amongst other things, stop the
directory traversal attacks which you have been suffering from.

Here's an article you may be interested in:

http://www.securityfocus.com/infocus/1739



On Thu, Apr 17, 2008 at 5:33 PM, Rick Phillips <[EMAIL PROTECTED]> wrote:

>
> On Thu, 2008-04-17 at 14:01 +1000, Michael Chesterton wrote:
> > On 17/04/2008, at 6:09 AM, Rick Phillips wrote:
> > >
> > > !!!! 1 possible successful probes
> > >     /long_path_to_file/../../../etc/passwd HTTP Response 200
> > >
> > > With the environment (described above) in place, should I be
> > > worried or
> > > should I be confident that I have taken every precaution I can take?
> > >
> >
> > I would be a little concerned if they can download /etc/passwd, they
> > could
> > download a more sensitive file.  Have you tried to download passwd
> > yourself?
> > does it actually work?
> >
> > What's your DocumentRoot, out of curiosity?
> >
> Thanks to all who have replied and reinforced my confidence in what I
> have been doing.
>
> I don't have much gold but I have been through the pain of having my
> server hacked twice in quick succession some years ago when I was wetter
> behind the ears.  Those events alone caused me to be somewhat paranoid.
> The server in question is a small commercial server but I maintain
> several others following the same rules I have outlined in my original
> email.  It is not convenient for me to have to restore from any backups
> as some sites are inconveniently too far away.
>
> I do like one respondent said, keep a mirror image on a spare disk, and
> when I was hacked that got me up again in minutes but this is not always
> convenient, especially when sites and email accounts change frequently.
>
> I think the exclusion of all connectivity except for a single IP address
> is my greatest protection along with frequently changing complex
> passwords and a non-standard port.
>
> I was looking also to see if anyone had something to offer that I had
> not thought of but I am resting much easier now.
>
> Thanks again to all who responded.
>
> Rick
>
> --
> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
>