Mengamankan server Anda dari Shell/backdoor PHP

Posted: Januari 25, 2012 in Hacking

oleh Chliz Aceh @AcehCyber Team’s

hehehee
tambahkan script dibawah ini di file “php.ini” kamu, jika belum ada, silahkan buat dengan nama tersebut
supaya melindungi server anda dari pelaksanaan Shell/backdoor

Code :

” disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abord, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpaththru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix, _getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,popen,popen,pcntl_exec,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connectsafe_mode = Onregister_globals = Offdisplay_errors = Offallow_url_fopen = Offallow_url_include = Offenable open_basedir(set it to webroot path) “

Dan ubah permsion dari php.ini tidak Satu Dapat yg dapat Mengubahnya kecuali Admin
Moga bermanfaat🙂
Enjoy

ACT-CREW

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s