[mapserver-users] Server hacked via cgi-bin - Mapserver, PHP, …? How to better protect the machine now?

[Stefan Schwarzer]

Hi there,

our server on which we have an application with mapserver running has been hacked two times within the last month. Each time (it seems), they succeeded to inject a perl script through /cgi-bin/.

Now, not yet 100% how they came in… But it seems they came in via PHP in /cgi-bin/. But we're not 100% sure. If it would be the case, we could delete the PHP in /cgi-bin? Are there any reports on /cgi-bin/mapserv being hacked?

Thanks for any hints,

Stefan