I was hacked again today and I thought that my security was infallible. Hacked one time before because I only used four URL parameters, (one of which was a 14 character password) and I think the hacker discovered the URL.
To prevent this and only while updating the site, I hard-code my IP-Address, which must match my $_SERVER[‘REMOTE_ADDR’] to allow for adding and/or editing records. I thought that this method would have prevented others from logging in? When finished updating I remove the IP=Address.
How can prevent this from re-occurring?
The web-page may may still be live and can be checked here:
If it does not correspond to the partial screen dump then the cache has timed out and the replacement record has kicked in.
Unfortunately it could have not happened at a worse time because I am just about to set off up country for five days and will only have Wifi on my tablet
I quickly checked your source code and could not find anything which looked like hacker code in the JavaScript and the page looked okay, too. It seems like you took care of this page, but, did you check all the other files on your server? If one file can be hacked, ALL files can be hacked.
As I’ve recommended before, ask your host to run repetitive “maldet” scans until nothing untoward appears. The “maldet” scan is really good at identifying malware on your server.
Many thanks for taking the time to check the site.
I scanned the site for more virii/virus/viruses (SP) using Host Virus Scanner powered by ClamAV and fortunately none were found. I have not tried “maldet”.
I think what may have happened is when updating the application version the site was compromised. It is now about ten days since this occurred and everything now seems OK.
