Apache Web Servers still under Attack
If you’ve taken the big task and pain in privately hosting your website or blog on the open source web server Apache, or if your web host uses Apache, then beware of the successful attacks Apache servers have undergone in the last months.
The attacks are based on botnot, event though their provenance is still unknown or is not Chinese or Russian for sure.
It is not that Apache has vulnerability issue, but the intruders use a combination of stolen log-in accounts (user name and passwords) and the Apache feature – “dynamic module loading” that most web masters do not master, thus making it difficult to even clean-up an infected site.
If you’re not an expert on security issues than ask for help before some ingenious indivclassual gets into your system and plant malicious ware that can “modify Apache memory to monitor requests and inject the script tag, script contents or the Rbot executable”.
via [ComputerWorld UK]