Arne Berglund wrote: > I haven't seen any probes looking for RC in any of my logs (any server), >
At least two script-kiddie PHP vulnerability scanners probe for Roundcube, and that has shown up in several of my servers. > but I am interested in securing the bin directory. What's everyone's feel > on the best method to do this? > No, you can't just protect the whole directory. Roundcube uses the *.php stuff in /bin, so you have to disable the shell scripts. Make sure that your server configuration does not allow execution, and remove the executable bit from the *.sh files, or simply delete/move the scripts. Carlos _______________________________________________ List info: http://lists.roundcube.net/users/
