I caught one of the PHP "droppers" in a WordPress-like honeypot. The attackers gained access by guessing a password - brute-force guessing, no hacks.
The PHP is entirely ordinary. It does nothing out of the ordinary: it does not call `eval`, `preg_replace` or even `base64_decode`. There's really nothing you can do at the PHP level to guard against the code in the "dropper".
If you can keep attackers from guessing your WordPress or Joomla or whatever password, and keep your whatever up-to-date, and get lucky by not having any hackable plugins or 3rd-party code installed, you should be able to avoid Mayhem.
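
Because the entry point described above is a guessed password rather than anything that stands out in the PHP, login traffic is the place to watch. The following is an added example, not part of the original post: it scans access-log lines for runs of failed POSTs to `/wp-login.php` and marks the clients whose run ended in a success. It assumes Combined Log Format and stock WordPress responses (200 for a rejected login, 302 for an accepted one); the function name, threshold and sample log are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format: client IP, timestamp, request line, status code.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def find_guessing(lines, min_failures=5):
    """Return {ip: {"failures": n, "succeeded": bool}} for clients that
    sent at least min_failures rejected login POSTs.

    Assumption: a rejected login re-renders the form (200) and an
    accepted one redirects (302), as stock WordPress does.
    """
    failures = defaultdict(int)
    report = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] != "/wp-login.php":
            continue
        ip, status = m["ip"], m["status"]
        if status == "200":
            failures[ip] += 1
            if failures[ip] >= min_failures:
                report.setdefault(ip, {"failures": 0, "succeeded": False})
                report[ip]["failures"] = failures[ip]
        elif status == "302" and ip in report:
            # A success after a run of failures: the password was guessed.
            report[ip]["succeeded"] = True
    return report

# Constructed sample log using documentation IP ranges, not real traffic.
FMT = '%s - - [10/Oct/2014:13:55:%02d +0000] "%s /wp-login.php HTTP/1.1" %d 512'
SAMPLE = (
    [FMT % ("203.0.113.7", s, "POST", 200) for s in range(6)]
    + [FMT % ("203.0.113.7", 6, "POST", 302)]
    + [FMT % ("198.51.100.20", 7, "POST", 200)]   # one typo, then a
    + [FMT % ("198.51.100.20", 8, "POST", 302)]   # normal login
    + [FMT % ("198.51.100.20", 9, "GET", 200)]
)

if __name__ == "__main__":
    for ip, info in find_guessing(SAMPLE).items():
        print(ip, info)
```

An entry with `succeeded` set to true is the case that matters: that account's password should be treated as known to the client and any files written after that time reviewed.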