Current time: 11-26-2024, 04:20 AM Hello There, Guest! (LoginRegister)


Post Reply 
[SOLVED] Security Concerns
Author Message
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #2
RE: Security Concerns
Roundcube has recently had some exploits which were used to do such things. THis happened on one of my customers VM's. We did the following, and haven't had problems since.

You can harden php settings a bit to limit this, there is plenty of info online about this. Usually involves disabing a few mothods, etc.

Also remove links,lynx,wget,curl access from normal users (chown root:root, chmod 700), to make it harder for them to get the binary to your server.

Further more, you can mount your /tmp with "noexec,nosuid". This will block any stuff that is uploaded to /tmp from being executed by the script. This is good to have regardless.

Protecting against stuff like this is an ongoing process, and needs constant attention. Setting up active monitoring of your systems (notification when things are "strange"), will let you respond to and fix these types of issues.

Also look into installing mod_security, and setting up a basic set of rules to protect against common exploit types. Note that using ALL the rules, will break lots of sites, so pick and choose what you use...

I hope that helps,

-
pGentoo
02-04-2009 08:36 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
[SOLVED] Security Concerns - nuke3d - 02-03-2009, 12:46 AM
RE: Security Concerns - pgentoo - 02-04-2009 08:36 AM
RE: Security Concerns - nuke3d - 02-04-2009, 07:50 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)