We have suddenly started having issues with one of our servers with a local hosting company. We have never had any issues at all for the 6-7 years we've used their servers (we have a total of 5-6). Anyway, this one server went down last week, and tech support said:
"Your VPS has been either hacked or an insecure script has been used to upload stuff. We have tar'ed up the data was being used (/tmp/b.tar.gz) You need to have your developer take a look at your sites code to determine any vulnerabilities" To which I responded, "ok, assume that we believe all of our scripts are secure. in looking at the logs, how do i pinpoint that someone is/was trying to upload something?" Tech support was less than helpful after that. So I pose the question to the list. How do I pinpoint the issue? There are about five domains running on the site, and we did not have any issues until we upgraded a ZenCart install for one of the sites. -- Randal Rust R.Squared Communications www.r2communications.com 614-370-0036 _______________________________________________ New York PHP User Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/show_participation.php
