Apache Binary Backdoors on Cpanel-based servers

One thing that can be said about web security is that it is never boring. Sucuri has an alert on a naughty little exploit which, instead of using previously seen methods like adding modules or changing Apache configurations, replaces the Apache binary (httpd) with a rotten one. Definitely eye-opening. See the link for data from Esset as well on this.

Comments

  1. Lenard says

    Apache is a never ending work in progress. Though Apache has been at the back bone of the internet for so very long, exploits continue to arise as people find and create new web server implementations. Any good webmaster should remain proactive, and study up on all their tech security. Whenever a web script/application allows users/visitors to make comments/edit content/interact directly, the very nature of such interactivity is bound to pose security vulnerabilities.

    I can remember setting up my first website way back in 2000. At that time, there were thousands of web hosting services, but many of the consumer oriented hosts didn’t allow site creators to use CGI/Perl on their servers. That was due to the fact that – while not necessarily being done intentionally, a single user could implement sloppy/amateur code scripts – which could open up huge potential back doors for knowledgeable hackers.

    I am happy to say that server-side resources have gotten much better since those days – yet sloppy/old/unmaintained Java, Perl, PHP, and other HTML 5 type applications can create major risks for sites if not well secured.

    Web security is no easy task for either the server administrators, or the site masters/creators.