How to prevent malicious PHP files being added?



Hello, from time to time malicious .php files appear in my sites' structure (various CMSs).

So I'm unable to discover what the bug is or how they managed to appear. The hosting password was changed and is unguessable.

So my FIRST question:

Can I prevent scripts from being added by changing all folder permissions to no writing? I mean remove the write bit on folders.

Or would I need to remove write rights even on files?

Here are the chmod commands

SECOND question:

Which PHP function is needed for creating a file with some content?




Just make sure your directory and file permissions are set properly.

Files should be 0644, and directories 0755. If you feel you're in an insecure environment, update it. If it's already updated, make sure you're disabling unnecessary PHP functions. Here're some PHP functions most can disable without any issues, just add this after "disable_functions" in your php.ini.

phpinfo, show_source, allow_url_fopen, apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode

This will restrict most of your attacker's functionality in the system, as well as limit what information is being displayed to give them attack vectors.
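
An added example, not part of the thread: a shell audit of a web root against the modes given in the answer above (files 0644, directories 0755), plus a listing of recently modified .php files. The function names and the sample tree in `demo` are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are illustrative.

# Report paths whose mode differs from the answer's targets:
# directories 0755, regular files 0644.
audit_modes() {
    find "$1" -type d ! -perm 755 | sed 's/^/DIR  /'
    find "$1" -type f ! -perm 644 | sed 's/^/FILE /'
}

# Reset a tree to those modes. The owner keeps the write bit, so this only
# blocks writes from other accounts; if PHP runs as the owning user it can
# still create files.
fix_modes() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# List .php files modified in the last N days (default 7), to spot files
# that appeared since the last known-good state.
recent_php() {
    find "$1" -type f -name '*.php' -mtime "-${2:-7}"
}

# Demo on a constructed tree; run the script with --demo to see it.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/site/uploads"
    echo '<?php // constructed sample' > "$d/site/uploads/new.php"
    chmod 755 "$d/site"; chmod 777 "$d/site/uploads"
    chmod 666 "$d/site/uploads/new.php"
    audit_modes "$d/site"; fix_modes "$d/site"
    recent_php "$d/site"
    rm -rf "$d"
}
if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run `audit_modes` and `recent_php` against the real document root before `fix_modes`, so the list of unexpected files and modes is captured before anything is changed.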