zoozle.net www-data www-data -3 / 0 920M /tmp/lshttpd/swap 1 1 0 $SERVER_ROOT/conf/mime.properties 1 2 0 0 86400 1 z00zle@yahoo.de $SERVER_ROOT/admin/ /srv/server/litespeed/logs/error.log DEBUG 0 2047M 1 /srv/server/litespeed/logs/access.log 7 2047M 1 1 index.html, index.htm, index.php 2 .htaccess 0 image/*=A604800, text/css=A604800, application/x-javascript=A604800 500000 0 25 100 1 15 32000 16000 epoll 6k 100M 50K 120M 1 null 3084 16380 50M 4K 5M 0 0 1 text/*, application/x-javascript, application/xml 1 1 1M 300 1 0 000 000 15 4 51200K 21350K 5 35 5 1600 20 11 10 0 300 600 250M 300M 400 450 1 0 deny,log,status:403 1 XSS attack log,deny,status:403,msg:'XSS attack' 1 SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\(" SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})" SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)" SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)" SecFilterSelective ARGS "document\.(body|cookie|location|write)" SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp" SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)" # JavaScript event handlers SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)" SQL injection log,pass,msg:'SQL Injection attack' 1 #SQL generic SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)" SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values" SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table" SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--" SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/" CopyRightIssues log,deny,status:404,msg:'CopyRight Issue' 1 # suche nach TeenBurg UND Leyla SecFilterSelective ARGS "(TeenBurg.+Leyla)" SecFilterSelective ARGS "(TeenSexMania.+E78)" SecFilterSelective THE_REQUEST "(gunewardene)" SecFilterSelective THE_REQUEST "(Gummy.+Bear.+Nuki.+Nuki.+rapidshare)" SecFilterSelective THE_REQUEST "(Silberjunge.+ebook.+rapidshare)" / /etc/* /dev/* $SERVER_ROOT/conf/* $SERVER_ROOT/admin/conf/* ALL lsapi phpLsapi

uds://tmp/lshttpd/lsphp.sock

2000 PHP_LSAPI_MAX_REQUESTS=1000 PHP_LSAPI_CHILDREN=500 LSAPI_MAX_IDLE_CHILDREN=10 LSAPI_MAX_PROCESS_TIME=30 LSAPI_MAX_IDLE=10 LSAPI_EXTRA_CHILDREN=100 LSAPI_AVOID_FORK=0 30 15 0 10 1 1 $SERVER_ROOT/fcgi-bin/lsphp 100 3 0 4 250M 300M 200 200 php lsapi phpLsapi /dev/shm 228K 1 360 1 1 1 0 0 1 5 LSAPI_MAX_REQS=1000 LSAPI_MAX_IDLE=60 180 0 60 0 50 1 3 250M 300M 200 300 zoozle.net /srv/server/wwwroot /srv/server/litespeed/conf/xconf.xml 1 1 1 2000 1 0 0 10 10 500K 100K sharehunt.de /srv/server/wwwsharehunt $SERVER_ROOT/conf/sh-de.xml 0 0 0 100 1 0 0 zoozle.biz /srv/server/wwwbiz $SERVER_ROOT/conf/z-biz.xml 1 1 0 100 1 0 0 20 12 350K 350K zoozle.net

77.247.178.32:80

15 0 zoozle.net zoozle.net, www.zoozle.net, * sharehunt.de

77.247.178.82:80

1 0 sharehunt.de sharehunt.de, * zoozle.biz

77.247.178.83:80

8 0 zoozle.biz zoozle.biz, * centralConfigLog $SERVER_ROOT/conf/templates/ccl.xml Default PHP_SuEXEC $SERVER_ROOT/conf/templates/phpsuexec.xml Default EasyRailsWithSuEXEC $SERVER_ROOT/conf/templates/rails.xml Default