Re: [jetty-users] jetty keeps getting hacked

[Joakim Erdfelt <joakim@xxxxxxxxxxx>]

What's in conf.n? (details please)

What do you have in your webapp? (be detailed)

How do you start Jetty? (your command line *AND* your start.ini and start.d/ contents)

Do you customize anything in ${jetty.home}? (like lib or xml files)

Do you run elasticsearch on your machine?

--

Joakim Erdfelt <joakim@xxxxxxxxxxx>

webtide.com - intalio.com/jetty

Expert advice, services and support from from the Jetty & CometD experts

eclipse.org/jetty - cometd.org

On Fri, Aug 1, 2014 at 9:16 AM, Kent Tong <kent.tong.mo@xxxxxxxxx> wrote:

Hi,

I have set up jetty-8.1.15.v20140411 on CentOS 6.5 with all the updates installed. However, jetty keeps getting hacked: malicious files (usually there is one named conf.n) are frequently created in jetty's directory (/opt/jetty). I have only enabled the minimum configuration in start.ini:

etc/jetty.xml

etc/jetty-annotations.xml

etc/jetty-ssl.xml

etc/jetty-deploy.xml

etc/jetty-contexts.xml

there is only one webapp installed which is nothing out of ordinary.

any idea? thanks in advance!

--

Kent Tong

IT author and consultant, child education coach

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users