Blocking fantastico install ?

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Post Reply
Interdit
Junior Member
Posts: 2
Joined: 10 Aug 2007, 18:11

Blocking fantastico install ?

Post by Interdit »

Hello,

Since a few days, I'm getting this for each file of a php script:

Time: Mon Oct 29 14:40:36 2007
File: /tmp/b0692f57_TemplatePatch.class.php
Reason: Script, file extension
Owner: nobody:nobody
Action: Moved into /etc/csf/suspicious.tar

I suppose it's coming from Fantastico, how can I allow it ?

Thanks,
Francois
Top
Infopro
Junior Member
Posts: 142
Joined: 15 Dec 2006, 00:22

Post by Infopro »

I wouldn't allow it. A quick search for the filename, TemplatePatch.class.php shows many broken sites. This is nothing to do with CSF though, other than its protecting your server which is a good thing. You should probably head over to Netenberg/Fantastico and ask them about it if you suspect a Fantastico script.

You might also take a closer look at: /etc/csf/suspicious.tar and see exactly whats in it.
Top
Post Reply

Return to “Report Bugs (csf)”