We were supposed to configure the Web server to be secure, but mistakes allowed them to run Linux commands on our server.