I really need help here :(
my forum got hacked 3 times, and i detected the hacker use RFI(Remote file inclusion) after i found an avatar image contain Phpshell code inside it. and the weird thing is when i tried to use RFI on Apache it will not run the phpshell,
You can see here:
http://www.ceriwis.org/rfi.php?hal=ass.jpg <------------ using NGINX and phpshell executed
and
http://ceri.ws/rfi.php?hal=ass.jpg <---------------- using Apace and phpshell unable to executed
im using Nginx 0.8.53 and php-fpm
I really need solution to solve my problem guys. i want to stop the image to get executed like Apache does..
Please give me solution. thanks