disable CGI

[bt5]

Hello,

i cand find DisableCgiOverride
"DisableCgiOverride On" in Apache Style Configurations (Admin Console -> Configurations -> Server -> General).

i have add

<IfModule litespeed>
DisableCgiOverride On
</IfModule>
to httpd.conf file
but perl script is working yet

<Directory "/">
Options -ExecCGI -FollowSymLinks -Includes IncludesNOEXEC Indexes -MultiViews SymLinksIfOwnerMatch
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,Includes,MultiViews,SymLinksIfOwnerMatch,FollowSymLinks
</Directory>


perl script work with
perl.tttt

and they add this for .httacess
Options FollowSymLinks MultiViews Indexes ExecCGI

AddType application/x-httpd-cgi .back

AddHandler cgi-script .tttt
AddHandler cgi-script .tttt

how i can disable it

 

[NiteWave]

Options FollowSymLinks MultiViews Indexes ExecCGI

try: modify it to
Options FollowSymLinks MultiViews Indexes -ExecCGI

 

[bt5]

not fixed !!!

 

[bt5]

is there any way to stop this

 

[NiteWave]

not clear about your environment.

and they add this for .httacess

what's the relationship between "they" and you.

just for an suggestion: you can set /usr/bin/perl 's permission to disable the ability of user running perl cgi script.

 

[bt5]

they are a hacker, if they run cgi and can break server security
by change chmod perl alo they can upload new perl file
and they change line 1 of perl script to new perl file
#!/home/user/public_html/perl
like this

 

[NiteWave]

now a bit more clear about your environment.

one more question: is this account belonging to this hacker ? so he can edit .htaccess file. yes, if someone can edit .htaccess, it's very difficult to prevent him to do anything bad further.