Need a quick way to generate a PHP backdoor for a compromised server you want to come back to later, then weevely is your application. I was pleasantly surprised when I started playing around with weevely in more detail as it provides a ton of built in functionality and does a lot more than I initially though that weevely did. The weevely application is built using Python and its current version on Backtrack 5 R3 is weevely v0.7. The weevley.py Python script is located in the /pentest/backdoors/web/weevely directory and some of its uses are described in more detail below.
If you have ClientExec installed in a sub-directory say /clientexec and want to require HTTPS only for ClientExec the easiest way to accomplish this is by putting a .htaccess file inside of the sub directory itself. There are numerous solutions to this posted as CE Knowledge Base Articles and within the CE forums but many of them did not work for me so I wanted to post the solution that worked on setup using CentOS as the operating system and using Apache/PHP/MySQL on that platform.
Recently I have been doing a lot of testing on a couple of my web sites that run WordPress and realized that securing your site takes a bit of effort. There are some plugins that do a great job at certain things however I wasn’t able to find any that did a great job of securing everything that I would prefer be secured. Below I describe a multi-pronged approach to securing your WordPress site from hacking attempts using multiple WordPress plugins as well as performing a couple manual steps that ensure the WordPress details exposed to the world are minimal.
Earlier when mirroring a Zen Cart online store for a customer to work on some custom modifications for him I ran into an error when attempting to visit the site in a web browser. The issue relates to Rewrite rules in the .htaccess file which I was able to easily track down by viewing the Apache error logs for the site. Below is more information regarding the error located in the logs and how I was able to resolve the problem.
Recently I was doing a security audit on a Linux server and noticed some Apache and PHP items that needed to be modified to make the server more secure. One of the items that should be disabled is allow_url_fopen because the risk that it can be abused. The issue is that allow_url_fopen is on by default even though many times it is never used on a server. Modify the below line in the Linux servers php.ini file which typically located in the /etc directory.