  1. #1
    John_Betong

    Hacked by a Russian Corn site

    I was hacked again today and I thought that my security was infallible. Hacked one time before because I only used four URL parameters (one of which was a 14-character password) and I think the hacker discovered the URL.

    To prevent this and only while updating the site, I hard-code my IP-Address, which must match my $_SERVER['REMOTE_ADDR'] to allow for adding and/or editing records. I thought that this method would have prevented others from logging in? When finished updating I remove the IP-Address.

    How can I prevent this from re-occurring?

    The web-page may still be live and can be checked here:
    http://www.johns-jokes.com/4237

    If it does not correspond to the partial screen dump then the cache has timed out and the replacement record has kicked in.

    Unfortunately it could not have happened at a worse time because I am just about to set off up country for five days and will only have Wifi on my tablet.
    Last edited by TechnoBear; Dec 23, 2013 at 06:21. Reason: Hacked data removed

  2. #2
    dklynn
    Hi John,

    I quickly checked your source code and could not find anything which looked like hacker code in the JavaScript and the page looked okay, too. It seems like you took care of this page, but, did you check all the other files on your server? If one file can be hacked, ALL files can be hacked.

    As I've recommended before, ask your host to run repetitive "maldet" scans until nothing untoward appears. The "maldet" scan is really good at identifying malware on your server.

    Have a Very Merry Christmas!

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator

  3. #3
    John_Betong
    Quote, originally posted by dklynn:
    Hi John,

    I quickly checked your source code and could not find anything which looked like hacker code in the JavaScript and the page looked okay, too. It seems like you took care of this page, but, did you check all the other files on your server? If one file can be hacked, ALL files can be hacked.

    As I've recommended before, ask your host to run repetitive "maldet" scans until nothing untoward appears. The "maldet" scan is really good at identifying malware on your server.

    Have a Very Merry Christmas!

    Regards,

    DK

    Hi David,

    Many thanks for taking the time to check the site.

    I scanned the site for more virii/virus/viruses (SP) using Host Virus Scanner powered by ClamAV and fortunately none were found. I have not tried "maldet".

    I think what may have happened is when updating the application version the site was compromised. It is now about ten days since this occurred and everything now seems OK.

    Merry Christmas and a Happy New Year.

    Cheers,

    John

  4. #4
    dklynn
    You're welcome, John, and I hope you had a Very Merry Christmas, too. Just stay sober and you should be able to dodge the drunks on New Year's Eve!

    Regards,

    DK

