⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.50
Server IP:
41.128.143.86
Server:
Linux host.raqmix.cloud 6.8.0-1025-azure #30~22.04.1-Ubuntu SMP Wed Mar 12 15:28:20 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
8.3.23
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
proc
/
self
/
root
/
usr
/
lib
/
systemd
/
system
/
View File Name :
plesk-php74-fpm.service
[Unit] Description=The PHP 7.4.33 FastCGI Process Manager After=syslog.target network.target [Service] Type=notify PIDFile=/run/plesk-php74-fpm.pid EnvironmentFile=-/etc/default/plesk-php74-fpm ExecStart=/opt/plesk/php/7.4/sbin/php-fpm --nodaemonize ExecReload=/bin/kill -USR2 $MAINPID # Set up a new file system namespace and mounts private /tmp and /var/tmp directories # so this service cannot access the global directories and other processes cannot # access this service's directories. PrivateTmp=true # Sets up a new /dev namespace for the executed processes and only adds API pseudo devices # such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it, # but no physical devices such as /dev/sda. PrivateDevices=true # Restricts the set of socket address families accessible to the processes of this unit. # Protects against vulnerabilities such as CVE-2016-8655 RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX # Explicit module loading will be denied. This allows to turn off module load and unload # operations on modular kernels. It is recommended to turn this on for most services that # do not need special file systems or extra kernel modules to work. ProtectKernelModules=true # Kernel variables accessible through /proc/sys, /sys, /proc/sysrq-trigger, /proc/latency_stats, # /proc/acpi, /proc/timer_stats, /proc/fs and /proc/irq will be made read-only to all processes # of the unit. Usually, tunable kernel variables should only be written at boot-time, with the # sysctl.d(5) mechanism. Almost no services need to write to these at runtime; it is hence # recommended to turn this on for most services. ProtectKernelTunables=true # The Linux Control Groups (cgroups(7)) hierarchies accessible through /sys/fs/cgroup will be # made read-only to all processes of the unit. Except for container managers no services should # require write access to the control groups hierarchies; it is hence recommended to turn this on # for most services ProtectControlGroups=true # Any attempts to enable realtime scheduling in a process of the unit are refused. RestrictRealtime=true # Takes away the ability to create or manage any kind of namespace RestrictNamespaces=true [Install] WantedBy=multi-user.target