Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ! grep '\#.*bind-address' /etc/mysql/my.cnf
- grep 'user.*mysql' /etc/mysql/my.cnf
- ! grep tsar /var/lib/mysql/ibdata1
- grep '\-FollowSymLinks' /etc/apache2/apache2.conf
- grep '-Indexes' /etc/apache2/apache2.conf
- grep -i 'ServerSignature.*Off' /etc/apache2/apache2.conf]
- ! [ -e /var/www/html/info.php ]
- ! [ -e /var/www/html/wp-content/plugins/wp-downloader ]
- grep -i 'expose_php.*Off' /etc/php5/apache2/php.ini
- grep -i 'display_erros.*Off' /etc/php5/apache2/php.ini
- grep -i 'file_uploads.*Off' /etc/php5/apache2/php.ini
- ! grep -i tsar /var/lib/mysql/wordpress
- {
- "1": ["Mysql remote acess diabled%s", 10, "! grep '\#.*bind-address' /etc/mysql/my.cnf", [" "]]
- "2": ["Mysql runs as mysql user%s", 5, "grep 'user.*mysql' /etc/mysql/my.cnf", [" "]]
- "3": ["Mysql user tsar removed%s", 5, "! grep tsar /var/lib/mysql/ibdata1", [" "]]
- "4": ["Wordpress user theTsar removed%s", 5, "! grep Thetsar /var/lib/mysql/ibdata1", [" "]]
- "5": ["Apache2 does not follow sym links%s", 5, "grep '\-FollowSymLinks' /etc/apache2/apache2.conf", [" "]]
- "6": ["Apache2 does not index%s", 5, "grep '-Indexes' /etc/apache2/apache2.conf", [" "]]] ]", [" "]]
- "10": ["PHP not exposed%s", 5, "grep -i 'expose_php.*Off' /etc/php5/apache2/php.ini", [" "]]
- "11": ["PHP does not display errors%s", 5, "grep -i 'display_erros.*Off' /etc/php5/apache2/php.ini", [" "]]
- "12": ["PHP file uploads disbaled%s", 5, "grep -i 'file_uploads.*Off' /etc/php5/apache2/php.i
- "7": ["Apache2 does not show signature%s", 10, "grep -i 'ServerSignature.*Off' /etc/apache2/apache2.conf]", [" "]]]
- "8": ["PHP info removed%s", 5, "! [ -e /var/www/html/info.php ]", [" "]]
- "9": ["Malicious plugin removed%s", 10, "! [ -e /var/www/html/wp-content/plugins/wp-downloaderni", [" "]]
- "13": ["Slanderous post removed%s", 5, "! grep -i tsar /var/lib/mysql/wordpress", [" "]]
- "14": ["Wordpress not functioning!%s", -40, "if [[ "$(curl -s 127.0.0.1/wp-login.php | md5sum)" != "sum" ]] ", [" "]]
- }
- Tevye the milkman needs help securing his buisness website. He has outlined serveral policies and standards he wants his wordpress site to meet. Only official milk related buisness and family matters may
- be posted to the blog. Wordpress and all its parent services must be secured in their entirety. No non-related wordpress services should run on this server.
- System:
- username:tevye
- password:williams
- Wordpress:
- admin
- password
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement