Look at installing mod_security, http://modsecurity.org
Install some rules for it to harden your webserver, see if anything is
flagged in the security log.
Ross Tsolakidis wrote:
"Wipe, install, set up chkrootkit and run it often."
I've already done that. There was no rootkit.
"How does phpnuke compromise apache if apache is set up correctly?"
I believe it's some of the modules available and running php with 'safe
mode off'.
I need to find the vulnerable code on this box. And I have no idea
where to begin.
I've tried running virus scans, nothing is infected.
--
Ross
