Ask Question Forum:
Model Library:2025-02-08:A.I. model is online auto reply
C
O
M
P
U
T
E
R
2
8
Show
#
ASK
RECENT
←
- Underline
- Bold
- Italic
- Indent
- Step
- Bullet
- Quote
- Cut
- Copy
- Paste
- Table
- Spelling
- Find & Replace
- Undo
- Redo
- Link
- Attach
- Clear
- Code
Below area will not be traslated by Google,you can input code or other languages
Hint:If find spelling error, You need to correct it,1 by 1 or ignore it (code area won't be checked).
X-position of the mouse cursor
Y-position of the mouse cursor
Y-position of the mouse cursor
Testcursor
caretPos
Attachment:===
Asked by philevans114
at 2024-07-29 00:12:33
Point:500 Replies:3 POST_ID:828630USER_ID:11495
Topic:
Miscellaneous Programming;Web Servers;Networking Security Vulnerabilities
Hi
I am managing a dedicated linux server running Centos 5.9. I have a problem. I have someone illegally sending spam from the server and setting up http redirects to phishing sites. I have checked security of the server and proved that open relay is not allowed.
I have a directory and file appear in /usr/local/apache/htdocs :
directory .xmlrpc and file xml.html
I cannot delete them regardless of what permissions I assign. I always get 'permission denied'.
I guess that these are related to xml remote procedure calls and I'm assuming that the offenders are using this to access the server.
Please could you help by letting me know how to stop this.
Regards
Phil
I am managing a dedicated linux server running Centos 5.9. I have a problem. I have someone illegally sending spam from the server and setting up http redirects to phishing sites. I have checked security of the server and proved that open relay is not allowed.
I have a directory and file appear in /usr/local/apache/htdocs :
directory .xmlrpc and file xml.html
I cannot delete them regardless of what permissions I assign. I always get 'permission denied'.
I guess that these are related to xml remote procedure calls and I'm assuming that the offenders are using this to access the server.
Please could you help by letting me know how to stop this.
Regards
Phil
Expert: skullnobrains replied at 2024-07-29 07:44:00
does the server host a mail server ?
how did you determine you are not an open relay ?
are these e-mail sent to internal or external customers ?
if internal users can send mail to the server, it is likely one computer is infected. the mail server's logs will be explicit. if you provide one of the email's source, it will be easy to trace as well
how did you determine you are not an open relay ?
are these e-mail sent to internal or external customers ?
if internal users can send mail to the server, it is likely one computer is infected. the mail server's logs will be explicit. if you provide one of the email's source, it will be easy to trace as well
Author: philevans114 replied at 2024-07-29 04:44:07
Thanks Duncanb7
I'll try that and get back to you.
Regards
Phil
I'll try that and get back to you.
Regards
Phil
Accepted Solution
Expert: duncanb7 replied at 2024-07-29 00:35:47
500 points GOOD
create "robots.txt" file at public_html directory that is same place you store .htaccess file
and then add the following command in .htaccess
.htaccess
#====================================
ErrorDocument 503 "Site temporarily disabled"
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^.*(bot|crawl|spider).*$ [NC]
RewriteCond %{REQUEST_URI} !^/robots.txt$
RewriteRule .* - [R=503,L]
#======================================
And then place the follwing code in robots.txt
robots.txt
#===============
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/orig.html
User-agent: *
Disallow: /
#==============================
That is all, and search robots.txt in goolge
Duncan
and then add the following command in .htaccess
.htaccess
#====================================
ErrorDocument 503 "Site temporarily disabled"
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^.*(bot|crawl|spider).*$ [NC]
RewriteCond %{REQUEST_URI} !^/robots.txt$
RewriteRule .* - [R=503,L]
#======================================
And then place the follwing code in robots.txt
robots.txt
#===============
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/orig.html
User-agent: *
Disallow: /
#==============================
That is all, and search robots.txt in goolge
Duncan