Try to move the cache folder instead, file uploads in /tmp with .php
extension could be associated with security breaches in forum/wp sites.
 On May 15, 2011 8:41 AM, "Marco Afonso" <mafonso...@gmail.com> wrote:
> Hi all,
> I'm new to PHPTAL and I'm loving it!
> Although, at the same time I started using it on my hosting company, they
> start telling me that somehow files of the format
> /tmp/tpl_xxxxxxxx_name_xxx.....php
> are being detected by ClamAV as malware, which in turn seems to be
> configured to send an email everytime a suspicious malware activity is
> detected...
> Here is a sample:
> On Mon, May 9, 2011 at 21:39, <root@server> wrote:
> Time: Mon May 9 21:39:32 2011 +0100
> File: /tmp/tpl_4dc84a1b_index__xBs0841mR5SpV0Ve3rGStg.php
> Reason: Script, file extension
> Owner: casaespe:casaespe (920:916)
> Action: Moved into /etc/csf/suspicious.tar
> All this is very new to me... I even removed my website and moved file by
> file to try to find any security hole that could cause this SPAM... I'm
> getting crazy!!!
> Can you find an explanation to this strange behaviour? What could be the
> solution?
> Anyway... is there a way to disable caching?
> Thanks!
PHPTAL mailing list

Reply via email to