prevent outgoing attacks from infected .php files uploaded
Any advices about how i can prevent outgoing attacks from "customers" which upload something weird to their hosting account?
I found mostly which cause problem are scripts nulled which ocassionally someone upload, but i delete it as soon i receive the alert from AV.
Currently my best choice is perma-blocking outgoing traffic to 80-443 TCP ports but i guess that will broke much things, or not?, what can be broken if i block that?.
I have directadmin, cloudlinux and immunifyAV premium but i want to prevent the script running even if is 5 min because if it scan something, i will get an abuse report from hetzner and they're not friendly handling that.