Security problems - worm

[garret]

Hello,

my OpenKM installation was attacked by a worm (perl script called fly.pl). The JMX console etc. were secured.
After some google research I found out that the worm could enter the server because of a JBoss security hole and that it has been fixed with newer JBoss versions.
So my question is: what can I do to avoid the possibiltiy of being attacked again. Is there (for example) any way to install OpenKM with a newer version of JBoss?

Thanks in advance
garret

[jllort]

The way to solve it, is not exposing your jboss port 8080 directly to internet. If you want to expose it, use apache proxy configuration to mapping port 8080 to apache 80 port across proxy configuration.

In newsletter will send next week will explain this jboss problem.

[garret]

This is very good news!
Could you also announce it in this forum please.

[jllort]

Today we've starting sending newsletter, then will publish in forum too.

[pavila]

There is a JBoss vulnerability which can be used to write files in the filesystem (https://issues.jboss.org/browse/JBAS-3861). To protect you JBoss installation don't expose JBoss directly to the Internet. Use Apache to handle petitions and forward to the JBoss instance. More info about this at http://wiki.openkm.com/index.php/Apache.

[olexandr]

Hi!
Thank you for the documentation - how to configure apache.
I've got zmeu.war with console password-protected.

How to subscribe to newsletter?

[jllort]

Go to our website http://www.openkm.com press right top download icon and fill the form to subscribe newsletter. Your question make to think to me that I should put a specific menu option for it.