While trying to lock down a WordPress site that keeps getting attacked, I realized that the /cgi-bin folder was being exploited when I found an index.php file in it.
In fancy security operations lingo, the cgi-bin folder was an "attack vector" for the WordPress exploits the site was experiencing.
So, in order to reduce the risk of forgetting to check that folder for files in the future, I wanted to just get rid of it entirely. cPanel doesn't have a "disable the cgi-bin folder" option, but I realized the solution is even simpler:
If you don't use the cgi-bin folder, just delete it!
Use your FTP program, cPanel or whichever method you use to manage your site files and say sayonara to it.
Occasional Musings
Saturday, October 12, 2019
Thursday, October 27, 2011
Mysterious IE9 Redirect
It seems that all the modern browsers support redirect caching. When you're browsing around the intarwebs this makes sense. When you're developing a site, however, and testing 301 and 302 redirects, this becomes a hurdle which you must overcome.
Using Internet Explorer (I'm on version 9) Developer Tools, the "clear cache" button doesn't quite do the job! Cached Redirects are not removed. If you download and install Fiddler, though, there's a "clear cache" option that does a more complete cleanup.
Hopefully you didn't spend hours trying to track down in your code a redirect that wasn't there to begin with!
Here's an article that describes it: http://www.sadev.co.za/content/redirected-down-one-way-clearing-internet-explorer-host-redirect-cache.
Using Internet Explorer (I'm on version 9) Developer Tools, the "clear cache" button doesn't quite do the job! Cached Redirects are not removed. If you download and install Fiddler, though, there's a "clear cache" option that does a more complete cleanup.
Hopefully you didn't spend hours trying to track down in your code a redirect that wasn't there to begin with!
Here's an article that describes it: http://www.sadev.co.za/content/redirected-down-one-way-clearing-internet-explorer-host-redirect-cache.
Subscribe to:
Posts (Atom)