Solutions against cyber attacks in FPM-PHP

dragonxi

1) How to prevent extra processes
to get activated by hackers in FPM-PHP
environment i.e.
which software tools are
available/possible to install

(a) in server : (3)? (4)? (x) other software ?
(b) in client ? any Python tools ?

(2) How does/could the server prevent
extra processes to be activated by hackers
in FPM-PHP configurations ?

(3) How does/could VPS platform offer
extra protection against hackers
when FPM-PHP is being used ?

Ref
(4) >> https://ebpf.io/
(5) >> https://goteleport.com/

sean

dragonxi We have some basic upstream mitigation to prevent things like brute force attacks, etc - but it is entirely your own responsibility to keep your own PHP applications secure from the type of abuse you've described.

If there is some particular tool you want to install then let me know exactly what it is and I'll try to provide further guidance.

dragonxi

Hi Sean,

Could you install bpftrace for us

For example as follows:

1) bpftrace installation to CentOS by snapcraft
▪︎EPEL repisitory
▪︎Snap
▪︎systemd
▪︎enable classic snap support
▪︎install bpftrace

https://snapcraft.io/install/bpftrace/centos

or
2) bpftrace install by github

https://github.com/iovisor/bpftrace/blob/master/INSTALL.md

or
3) bpftrace install by Sean

...
Thanks in advance from our guys !

sean

dragonxi Apologies but we're not able to install bpftrace for you. It's not compatible with the kernel we're currently running, and it is a root-only utility so you wouldn't be able to do anything with it yourself.