This is an emergency situation. KLOXO has exposed important security issues. Malicious visitors actually control the machine by passing in malicious PHP code (some such as default.php) in the Default directory of the KLOXO panel. Carrying out DDoS attack (called packet sending) will cause VPS or server network congestion, and the computer room may have null IP as a result. All readers who install and use KLOXO panels are asked to pay close attention and deal with it as soon as possible.
The following is an article quoted from the Hostyum forum. The original source is: http://www.hostyum.com/thread-23-1-1.html
VPS users can use temporary processing Method, log in to the VPS via SSH with the root account and execute the following instructions:
| 1 2 3 |
chmod 000 /home/kloxo/httpd/default rm -r /home/kloxo/httpd/default/*.php find /home/admin -type d -name cgi-bin -exec rm -r { } ; |
Recently, DDoS attacks have been rampant. Even small blogs like Good VPS Collection have boring people trying their hands. Please be careful.
During the Lunar New Year, blog updates will be delayed. Readers and friends, please forgive me.