Protecting admin ZEUS (Zeus Admin Panel)
C) news
As you know, one of the problems of botnets zeus is the detection and abuzy from zeustracker.abuse.ch
In general, I propose a solution to the problem:
at the root of creating
.htaccess
continue doing
404.php 404.php
and make changes in izzmeneniya gate.php
CREDITa Gudda
C) news
As you know, one of the problems of botnets zeus is the detection and abuzy from zeustracker.abuse.ch
In general, I propose a solution to the problem:
at the root of creating
.htaccess
Code:
ErrorDocument 404 / 404.php
continue doing
404.php 404.php
Code:
<? define('SAPI_NAME', php_sapi_name()); if (SAPI_NAME == 'cgi' OR SAPI_NAME == 'cgi-fcgi') {header('Status: 404 Not Found');} else {header('HTTP/1.1 404 Not Found');} echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <HTML><HEAD> <TITLE>404 Not Found</TITLE> </HEAD><BODY> <H1>Not Found</H1> The requested URL '.$_SERVER['REQUEST_URI'].' define ('SAPI_NAME', php_sapi_name ()); if (SAPI_NAME == 'cgi' OR SAPI_NAME == 'cgi-fcgi') {header ('Status: 404 Not Found');} else {header ('HTTP/1.1 404 Not Found ');} echo' <! DOCTYPE HTML PUBLIC "- / / IETF / / DTD HTML 2.0 / / EN"> <HTML> <HEAD> <TITLE> 404 Not Found </ TITLE> </ HEAD> < BODY> <H1> Not Found </ H1> The requested URL '. $ _SERVER [' REQUEST_URI '].' was not found on this server. was not found on this server. <HR> <address>Apache/2.2.3 (CentOS) DAV/2 PHP/5.2.11 mod_python/3.2.8 Python/2.4.3 mod_rpaf/0.6 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8 Server at мой_домен.com Port 80</address> </body></html>'; die(); ?> <HR> <address> Apache/2.2.3 (CentOS) DAV / 2 PHP/5.2.11 mod_python/3.2.8 Python/2.4.3 mod_rpaf/0.6 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl / 2.0.4 Perl/v5.8.8 Server at moy_domen.com Port 80 </ address> </ body> </ html> '; die ();?>
and make changes in izzmeneniya gate.php
Code:
if(@$_SERVER['REQUEST_METHOD'] !== 'POST' if (@ $ _SERVER ['REQUEST_METHOD']! == 'POST'
|| strstr(getenv("HTTP_USER_AGENT"), "curl") | | Strstr (getenv ("HTTP_USER_AGENT"), "curl")
|| strstr(getenv("HTTP_USER_AGENT"), "OpenSSL") | | Strstr (getenv ("HTTP_USER_AGENT"), "OpenSSL")
|| strstr(getenv("HTTP_USER_AGENT"), "Linux") | | Strstr (getenv ("HTTP_USER_AGENT"), "Linux")
|| strstr(getenv("HTTP_USER_AGENT"), "Wget") | | Strstr (getenv ("HTTP_USER_AGENT"), "Wget")
|| strstr(getenv("HTTP_USER_AGENT"), "Python") | | Strstr (getenv ("HTTP_USER_AGENT"), "Python")
|| strstr(getenv("HTTP_USER_AGENT"), "AutoIt") | | Strstr (getenv ("HTTP_USER_AGENT"), "AutoIt")
|| strstr(getenv("HTTP_USER_AGENT"), "FDM 2.") | | Strstr (getenv ("HTTP_USER_AGENT"), "FDM 2.)
|| getenv("HTTP_USER_AGENT") == "") | | Getenv ("HTTP_USER_AGENT") == "")
{ {
include ("404.php"); include ("404.php");
die(); die ();
} }
CREDITa Gudda