Help Needed!

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Mr Bingo
Forum Newbie
Posts: 1
Joined: Fri Nov 09, 2007 3:52 am

Help Needed!

Post by Mr Bingo »

I was hoping somebody could help me.
My PHP site has been persistently hacked over the last 12 months.
I run an Apache server with both ColdFusion and PHP running as mods.
Our main site was written in PHP and has been repeatedly hacked by people who have been able to upload their own PHP and image files.
The last lot even left a message to say that they were hacking me to force me to beef up my security.
The ColdFusion sites have been left untouched, so I think it must be a vulnerability in PHP that is allowing this.
Unfortunately the bad news is that for company reasons I am forced to run my server on Windows 2000.

Does anybody recognise this problem?

I am running Apache 2.059 and PHP 5.1.6 (the only versions that will work with the JRun mod for ColdFusion).

Any advice definitely appreciated.
Forum Rules (http://forums.devnetwork.net/viewtopic.php?t=30037) Section 1.1 wrote: 2. Use descriptive subjects when you start a new thread. Vague titles such as "Help!", "Why?" are misleading and keep you from receiving an answer to your question.
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

Sounds like a web app problem. What PHP applications do you have installed, and which of them allow uploading of files? Do you run custom code, or only open source apps? Do you run the latest versions of the OS apps, and have you checked the security mailing lists if there are known vulnerabilities in them?
Zoxive
Forum Regular
Posts: 974
Joined: Fri Apr 01, 2005 4:37 pm
Location: Bay City, Michigan

Post by Zoxive »

Sounds like you need to start validating user input. Especially uploaded files.
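
Added example (not part of the thread, and not the poster's code): one way to validate an uploaded image so that it cannot end up as an executable .php file under the web root, which is the failure described in the first post. It assumes PHP 7 or later with the fileinfo extension, a form field named "image", and a hypothetical storage directory that Apache does not serve.

```php
<?php
// Added example: accept one uploaded image without letting it become executable.
// Assumptions (not from the thread): form field "image", PHP 7+ with fileinfo,
// and a storage directory that Apache does not serve.
const UPLOAD_DIR = 'D:/app-data/uploads'; // hypothetical path outside DocumentRoot
const MAX_BYTES  = 2097152;               // 2 MiB
// Allowlist: MIME type detected from content => extension the server assigns.
const ALLOWED = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

function store_uploaded_image(array $file): string
{
    // Reject failed uploads and array-valued fields (e.g. name="image[]").
    if (!isset($file['error']) || is_array($file['error'])
        || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or request malformed.');
    }
    if ($file['size'] <= 0 || $file['size'] > MAX_BYTES) {
        throw new RuntimeException('File size not accepted.');
    }
    // The temp file must come from this request's HTTP upload.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file.');
    }
    // Sniff the type from the bytes; $file['type'] and $file['name'] are
    // client-controlled and are never used.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!is_string($mime) || !isset(ALLOWED[$mime])) {
        throw new RuntimeException('File type not accepted.');
    }
    // Sniffing alone is not enough (an image can carry PHP in its metadata),
    // so the stored name and extension are chosen by the server: random name,
    // allowlisted extension, nothing from the original filename.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('Could not store file.');
    }
    return $name; // record this name; serve the file through a script, not directly
}

if (isset($_FILES['image'])) {
    try {
        $stored = store_uploaded_image($_FILES['image']);
        echo 'Stored as ' . htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'Upload rejected.';
    }
}
```

If uploads must live under the document root, the directory also needs PHP execution switched off in the Apache configuration, since this code only controls what name and type get written.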
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Please update your description to be a little more descriptive. Thanks.
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: Help Needed!

Post by superdezign »

Mr Bingo wrote: Our main site was written in PHP and has been repeatedly hacked by people who have been able to upload their own PHP and image files.
The last lot even left a message to say that they were hacking me to force me to beef up my security.
Quite obviously, the problem is in the code. Show us some of your uploading code, and we can help you fix the vulnerabilities.