How to prevent cmd from executing from php
We recently experienced a security breach and tracked the breach down in a log file to the following command executed from a rougue php file:
----------------------------------------------
images/last10.php?act=cmd&d=%2Fhome%2Fuserhomedir%2Fpublic_html%2Fsimages%2Fcgi-bin%2F&cmd=mv+cgitelnet.txt+dr.pl&cmd_txt=1&submit=Execute
Does anyone know what can be done to prevent php from executing shell commands? I believe there is a setting in the php.ini?
