php code injection over cgi-bin
We are facing attack throught code injection on cgi-bin...
We have default ISPConfig configuration done with tutorial on howtoforge.
The workaround is to remove from apache config.
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>