I don't know if I missed a security bulletin but I am getting hammered by hacks that upload to /tmp and then execute something that loads:
sso_main.phpapi.socket-0
sso_main.phpapi.socket-1
sso_main.phprelay.socket-0
sso_main.phprelay.socket-1
and then executes:
sw-engine-cg
How/can I turn off CGI server-wide?
What is the ultimate fix? These are Plesk 9 and 10 servers.