Posted by Willem Bogaerts on 12/28/07 08:13

> Now the pirate has installed a iroffer (an IRC server) directly on my
> account.
>
> So my questions are:
> - how they do enter on my site ?
> - where to find informations on protecting my website (PHP scripts) ?
> - How the pirate can have access to my FTP account ? Or can he install an
> IRC server directly from one of my scripts ?
> - Also can be a problem of the hosting instead of mine ?
>
> Please help, I'm tired to re-install my server every week.

Well, first thing to help is to tell what OS you are using. In general,
never accept things from outside blindly. If the person hacking your
machine can monitor traffic, FTP passwords are easily caught. There are
enough secure alternatives. Look into them.

Also, go through the PHP settings and see what you do not need. If you
do not need PHP to contact other servers, you can disable it, the
functions that do and/or switch on "safe mode".

Disable error display, but log all errors and warnings. If the attacker
is trying thing, he himself will not see the weaknesses of your setup,
but you do.

Good luck,
--
Willem Bogaerts

Application smith
Kratz B.V.
http://www.kratz.nl/

[Back to original message]