lfd on server.2daygeek.com: Suspicious File Alert /tmp/oi_plugins.php

In our environment we have installed OpenInviter to import contacts (addressbook) from social networking sites & email providers. After installing openinviter on server, we got 1000+ messages every day from lfd which is horrible to see the mails very often in my inbox. I start the investigation to get solve the issue.

1) lfd alert message

The below error message which i received from lfd very often.

Time:   Tue Sep 24 13:10:48 2013 +0100
File:   /tmp/oi_plugins.php
Reason: Script, file extension
Owner:  2daygeek:2daygeek(502:501)
Action: Moved into /var/lib/csf/suspicious.tar

2) How to find the config.php

To stop that alert message, we need to make small change on openinviter config.php file. Go to Open Invitor folder and findout the “config.php” file using the below command.

find / -name "config.php"

3) Replace “/tmp” with “tmp”

You will be getting the below two config file with different locations. Just replace “/tmp” with “tmp” on both file then save and exit.

/home/2daygeekc/public_html/new/OpenInviter/config.php
And
/home/2daygeekc/public_html/new/plugin/OpenInviter/config.php

Just replace “/tmp” with “tmp” in config.php and it stops the suspicious file alert from lfd. Hope this article was useful for you. Kindly provide your valuable feedback/comments in the commenting section.

Stay tuned with us !!

Magesh Maruthamuthu

Love to play with all Linux distribution

You may also like...

Shares
Close
Please support the site
By clicking any of these buttons you help our site to get better