1. Home
  2. Portal
  3. RE: Please help me on Security related issue

RE: Please help me on Security related issue

Jagan Mohan, modified 5 Years ago.
Please help me on Security related issue
New Member Posts: 3 Join Date: 7/19/17 Recent Posts
Hi Team, 
I am using liferay-ce-portal-7.1.0-ga1 version in one of my web application, I found "kinsing-*" unknown folder in liferay-ce-portal-7.1.0-ga1/tomcat/bin folder and attached the screenshot please check once. please help me to restrict this type of attacks.
Thank you in advance.

Attachments:

thumbnail
Olaf Kock, modified 5 Years ago.
RE: Please help me on Security related issue
Liferay Legend Posts: 6441 Join Date: 9/23/08 Recent Posts
Jagan Mohan:

I am using liferay-ce-portal-7.1.0-ga1 version in one of my web application, I found "kinsing-*" unknown folder in liferay-ce-portal-7.1.0-ga1/tomcat/bin folder and attached the screenshot please check once. please help me to restrict this type of attacks.
Please read https://liferay.dev/blogs/-/blogs/security-patches-for-liferay-portal-6-2-7-0-and-7-1 and keep an eye on future upgrades. Note that typically updates are provided for the latest GA release, and you should follow along, planning to go towards 7.3 soon, but the first step would be to go to 7.1 GA4 plus patch.
If you need a long-term stable release without the need to upgrade to newer GAs/versions (but with provided fixpacks to a stable version), consider Liferay DXP instead of Liferay Portal CE.
thumbnail
Fernando Fernandez, modified 5 Years ago.
RE: Please help me on Security related issue
Expert Posts: 401 Join Date: 8/22/07 Recent Posts
One thing you should do is to run liferay as a non-root user with no permissions to write on those folders.
Also, in line with Olaf's suggestions, take a look at https://liferay.dev/blogs/-/blogs/creating-liferay-security-binary-patches
HTH
Fernando