It appears that some people like to take advantage of those files for online web applications such as Wordpress which have php files with permissions set to 777. They use those as a means of creating an upload file. The upload files that they create then have access to the whole server somehow... Is there anyway of preventing this from happening?
First of all run your apache as suphp, that will allow your files to run with permission 755 rather than 777. Also disable "file_uploads = On" in your php.in for the time being. You can find your php.ini file in /usr/local/lib/php.ini
The ultimate multiple server administration software.
*Parallel shell *rm -rf protection *SSH logging*automated password changes*encrypted storage* AdMod.com -Delivering innovative web hosting solutions
To upload files via Wordpress, you'll have to put in your FTP information.
However, you can easily edit files through Wordpress. And if the files permissions are set to 777, any body can modify the Wordpress files to make a gateway to the server.