I had a client get his site hacked through an insecure version of phpautomembersarea today; here's how they found it:
http://www.google.com/search?q=inurl...=&start=0&sa=N
If you are running this script, make sure it's secured / updated!!!
cheers,
Luke
I'd also like to add that if you have OLD VERSIONS of databases like phpnuke on your domains that aren't being used - DELETE THEM!!!!! Don't leave up old copies of databases!!! It's a doorway to hackers and phishing of your sites. Remove the folders immediately and I'd also remove them from your control panel if they aren't being used by a current version.
Also go see if you are running a current version of any scripts ... being even one version behind on an upgrade can prove to be a backdoor way into a domain.
Luke brought up another good point. Once we figured out how they were finding sites to hack (easily via Google looking for specific folders with hackable script names) ... a good rule of thumb is to NOT name a folder the same name as the script it contains!!!! GIVE IT A NEW NAME!! You may have to adjust your config file and possibly some links to reflect the new folder name, but that's a lot less painful than getting hacked.
This whole experience also gives me pause about using "free" scripts that insist on having their script name/addy on every page unless you buy it ... again, opens up easily searched for domains using that script.
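An audit along the lines of the advice above, as an added example that is not part of the original thread: it walks a web root, flags folders named after a known script, and notes which of those have had no file changes for a year. The script list, the one-year threshold and the function names are assumptions for illustration.

```python
import os
import re
import time

# Script names mentioned in the thread; extend with the scripts you actually run.
KNOWN_SCRIPT_NAMES = ("phpautomembersarea", "phpnuke")


def _normalise(name):
    """Lowercase and drop punctuation/digits so 'PHP-Nuke_7' matches 'phpnuke'."""
    return re.sub(r"[^a-z]", "", name.lower())


def _newest_mtime(path):
    """Most recent modification time of any file under path (the dir itself if empty)."""
    newest = None
    for dirpath, _dirs, files in os.walk(path):
        for f in files:
            m = os.lstat(os.path.join(dirpath, f)).st_mtime
            newest = m if newest is None else max(newest, m)
    return os.lstat(path).st_mtime if newest is None else newest


def audit_docroot(docroot, stale_days=365, now=None):
    """Return {relative_dir: [reasons]} for folders that advertise a known script."""
    now = time.time() if now is None else now
    cutoff = now - stale_days * 86400
    findings = {}
    for dirpath, dirnames, _files in os.walk(docroot):
        keep = []
        for d in dirnames:
            full = os.path.join(dirpath, d)
            if not any(s in _normalise(d) for s in KNOWN_SCRIPT_NAMES):
                keep.append(d)  # unremarkable name: keep descending
                continue
            reasons = ["folder name matches script name"]
            if _newest_mtime(full) < cutoff:
                reasons.append("no file changed in %d days" % stale_days)
            findings[os.path.relpath(full, docroot)] = reasons
        dirnames[:] = keep  # do not descend into flagged folders
    return findings


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, reasons in sorted(audit_docroot(root).items()):
        print(rel + ": " + "; ".join(reasons))
```

Folders flagged with both reasons are the candidates for deletion; folders flagged only for their name are the ones to rename.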
Great tips, guys, thanks for the info.