[jetty-users] jetty keeps getting hacked

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-users] jetty keeps getting hacked

From: Kent Tong <kent.tong.mo@xxxxxxxxx>
Date: Sat, 2 Aug 2014 00:16:12 +0800
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

Hi,

I have set up jetty-8.1.15.v20140411 on CentOS 6.5 with all the updates installed. However, jetty keeps getting hacked: malicious files (usually there is one named conf.n) are frequently created in jetty's directory (/opt/jetty). I have only enabled the minimum configuration in start.ini:

etc/jetty.xml

etc/jetty-annotations.xml

etc/jetty-ssl.xml

etc/jetty-deploy.xml

etc/jetty-contexts.xml

there is only one webapp installed which is nothing out of ordinary.

any idea? thanks in advance!

Kent Tong

IT author and consultant, child education coach

Follow-Ups:
- Re: [jetty-users] jetty keeps getting hacked
  - From: Joakim Erdfelt
- Re: [jetty-users] jetty keeps getting hacked
  - From: Steve Sobol - Lobos Studios

Prev by Date: Re: [jetty-users] Jetty warning | No port for HttpChannelOverHttp
Next by Date: Re: [jetty-users] jetty keeps getting hacked
Previous by thread: [jetty-users] Jetty warning | No port for HttpChannelOverHttp
Next by thread: Re: [jetty-users] jetty keeps getting hacked
Index(es):
- Date
- Thread

Breadcrumbs