SitePoint Sponsor

User Tag List

Results 1 to 9 of 9

Thread: Site Hacked

  1. #1
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Site Hacked

    I had a retail store that I closed a couple of months ago, but I kept the site up so I could inform customers about the closing and direct them to new ventures. Today, this site was hacked and subsequent profane emails sent out to everyone, due to the forum script being a version behind. I realize this is my fault for not updating. My question is, what can we do to stop this from being a recreational activity for these people? The person who did this is in no danger at all of being prosecuted or even fined for this. That seems ridiculous to me. I don't have to beat out competitors in Google, I can just hack them?

  2. #2
    Texan at Heart Corey Bryant's Avatar
    Join Date
    Sep 2003
    Location
    Castle Rock, CO
    Posts
    2,491
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Check out www.sitedigger.com - and download that. This will scan your site to make sure you do not have some of the very simple and known vulnerabilites and read some here: http://johnny.ihackstuff.com

  3. #3
    SitePoint Wizard realestate's Avatar
    Join Date
    May 2004
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If it is phpbb, you need to upgrade as soon as new versions are released.
    Also block some common ip's. It makes sense to block whole nigeria, brazil, russia ip's, although I like those countries.

  4. #4
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    that's what I was thinking, how can I block countries? None of my sites need or deal with international visitors, so how could I prevent all non U.S. surfers from getting to my site?

  5. #5
    SitePoint Wizard realestate's Avatar
    Join Date
    May 2004
    Posts
    1,092
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You need ip ranges to block. www.icann.org must have all ip info.
    African ip's are in ripe.net database. Domainstate has something in tools section.
    I don't know how to block ip ranges, but it is possible.

  6. #6
    SitePoint Wizard silver trophy
    Join Date
    Aug 2003
    Location
    Southern California
    Posts
    4,686
    Mentioned
    19 Post(s)
    Tagged
    0 Thread(s)
    Blocking IPs can be accomplished via htaccess, simply create a file name .htaccess (nothing before the dot) and place the following contents in it:

    Code:
    <Limit GET HEAD POST>
    order allow,deny
    deny from 192.168.1.1
    allow from all
    </LIMIT>
    Save the file and upload it to your root web folder (/www /public_html /htdocs or the like).

    Before blocking an entire country keep in mind the potential sales, visitors and users you may be turning away. For example, Brazil is a country with over 100 million people and has a large upper class sector that is very e-commerce friendly. There may come a time when you should block a country due to insanely high fraud or abuse problems but as a general rule you can avoid such drastic measures by checking the ips of your orders against their billing/shipping country (you can even automate this using perl modules or php functions). Flag suspicious order countries as possible fraud, especially if the order ip tracks to a different location then the shipping address but don't discount them completely... unless of course you hit that critical point.
    - Ted S

  7. #7
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    From what I saw of the web address and name that they left (ever heard of a vandal leaving a business card???), it looks islamic to me. Both my hacks have come from there, and my spam comes from Russia. If I could block those two areas, then a lot of my problems would go away, I don't care about the sales.

  8. #8
    SitePoint Member
    Join Date
    Mar 2005
    Location
    Lithuania
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Don't you think that hackers from russia or other country can use some proxy server? It's very easy for them to look like they came from usa or whatever.

  9. #9
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    of course, they probably use several.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •