Hi guys and girls,
Thanks for all the help with the previous problem. I did as suggested and the site is now working as it should again.
Just got one other little problem now. I've been hacked twice in the space of 2 weeks. It's not really a bad hack as such, but some idiots are getting in and replacing my index.php file with their stupid little "U Been Haxed By...." rubbish. Obviously, it's easy to fix the initial hack, but how do I stop this from happening again and again?
I've changed the PW's to my admin and hosting account, and will have to do that again today.
Are there any inclusions I need to make in the files to stop this again? Do I need to alter any permissions? Any ideas what to do?
Thanks in advance!
if (isset($_REQUEST['dir']))
    die('Hacking attempt');
to the files Sammie suggested in another post. I'm hoping this will help some.
Is there anything else I should do?
This is the IP it came from: 193.67.33.2
You might want to block it.
Also, what's with the /ray/crossdomain.xml file? Could this be a potential security issue?
Get hosted on safer servers.
Better if not just via .htaccess - at host level.
Second - disable all possible script of flash includes (better any html).
Third, this was a good solution too:
#RewriteCond %{QUERY_STRING} ^http [OR]
#RewriteCond %{QUERY_STRING} ^.+www\. [OR]
#RewriteCond %{QUERY_STRING} ^.+https [OR]
#RewriteCond %{QUERY_STRING} ^.+ftp
#RewriteRule .* - [L,F]
#RewriteCond %{HTTP_USER_AGENT} ^libwww [OR]
#RewriteCond %{HTTP_USER_AGENT} ^Wget
#RewriteRule
I'm actually considering adding sites to an additional hosting company, even though the one we currently use is listed on the boonex server page here. I noticed today that a number of functions over all the websites are messed up from the cPanel
php_flag register_globals Off
Where do I change this specifically?
This is my first major dabble with php and mysql, so I'm not sure. CSS/XHTML/XML, I'm fine...PHP...you've lost me:D
This allows any site on that server to be exploited and gain full access to all sites and accounts on that server. This is your hosting company's fault, and their blatant abuse of their customers' trust in not providing safe secure hosting
I've just looked at my cache and backup directories. Both of those are absolutely fine, from what I can see. They both seem to have the relevant files included and no abnormalities in there. That's one big relief.
Right now, I'm going through all the files and folders in my hosting and comparing them to the dolphin/ray/orc unzipped files. I'll post if I find something odd that I just can't figure out :).
With regards to my hosting, I actually have a reseller account with this
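The file-by-file comparison against the unzipped dolphin/ray/orc packages described in the post above can be scripted. This is an added example, not part of the thread and not Boonex code: it hashes both trees with SHA-256 and lists files that were modified, added or are missing on the live copy. The file names inside `demo()` are constructed sample data.

```python
import hashlib
import sys
import tempfile
from pathlib import Path

def sha256_of(path):
    """Hash in chunks so large media files do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def snapshot(root):
    """Map every regular file under root (relative path) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in root.rglob("*") if p.is_file() and not p.is_symlink()}

def compare_trees(clean_root, live_root):
    """Report files modified, added or missing on the live site."""
    clean, live = snapshot(clean_root), snapshot(live_root)
    return {
        "modified": sorted(f for f in clean.keys() & live.keys()
                           if clean[f] != live[f]),
        "added": sorted(live.keys() - clean.keys()),
        "missing": sorted(clean.keys() - live.keys()),
    }

def demo():
    """Constructed sample: a clean tree and a live copy with a replaced index.php."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        for root in (clean, live):
            (root / "inc").mkdir(parents=True)
            for name in ("index.php", "inc/config.php", "readme.txt"):
                (root / name).write_text("constructed original: " + name + "\n")
        (live / "index.php").write_text("<html>defaced</html>\n")  # replaced page
        (live / "inc" / "x.php").write_text("<?php // unexpected\n")  # dropped file
        (live / "readme.txt").unlink()  # file removed from the live site
        return compare_trees(clean, live)

if __name__ == "__main__":
    # Usage: script CLEAN_DIR LIVE_DIR; with no arguments, run the constructed demo.
    report = compare_trees(*sys.argv[1:3]) if len(sys.argv) == 3 else demo()
    for kind, names in report.items():
        for name in names:
            print(f"{kind:9}{name}")
```

Files you edited yourself (configuration, templates) and user uploads will show up as modified or added; anything else in those two lists is what to inspect first.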
Basically if you add a # to your .htaccess each line with the # means to ignore it and do no good. So I don't know why this was even posted or why it wasn't clarified that you need to remove the # to do any good and to take effect. Guess everyone is supposed to know that by default.
#RewriteCond %{QUERY_STRING} ^http [OR]
#RewriteCond
I believe the server can be configured as to what is allowed in the local .htaccess files.
As mentioned, once a site is hacked all sites on the server are accessible. Even if your hostheader website is protected it is accessible from another website on the same server. It really needs turned off at the server level or you should consider changing your hosting provider.
If register globals can