Posted by shimmyshack on 12/28/07 08:18
On Dec 28, 7:42 am, "Bob Bedford" <b...@bedford.com> wrote:
> Hi all,
>
> The site protection has never been an issue due to the main purpose of my
> site: it's a community website and has nothing very important, just
> information.
>
> Now the problem is that hackers don't only put my website regularly offline
> but the worst thing is that they put spam script on my site and send
> thousands of spams from my account.
>
> My site is built using $_GET["page"] so all my site has the same design
> (index.php being the general design and including the forms from different
> files).
> The first attack was to put a URL in the page param so I had an attack like
> www.example.com/index.php?page=www.siteofthehackertools....
> The site of the hacker tool had a PHP script that was used to get
> information on everything on my pages and also had a script to send emails.
>
> Now I protect against this kind of param by checking them and they can't
> access my site this way.
>
> Now the pirate has installed an iroffer (an IRC server) directly on my
> account.
>
> So my questions are:
> - How do they enter my site?
> - Where to find information on protecting my website (PHP scripts)?
> - How can the pirate have access to my FTP account? Or can he install an
> IRC server directly from one of my scripts?
> - Also, can it be a problem of the hosting instead of mine?
>
> Please help, I'm tired of re-installing my server every week.
>
> Thanks

Try OWASP PHP TOP TEN, as it suggests the top ten ways hackers get to you
and what you should do to stop them.
If you are being targeted, and have written your own scripts as it
seems, then you can protect yourself with mod_security to a degree -
this will stop various standard attacks, see cool rules as well to add
functionality to the engine.
If you are using third party software which you download then you
should make sure it is fully patched and up to date.
There are no hard and fast rules after these steps have been taken,
just write secure code, keep everything including your PHP/Apache
installs up to date and try not to attract too much attention.
Oh and log everything, using your script to detect patterns is the
first step to banning if you go that route, after all, is your site
massive enough to need to accept connections from Taiwan for instance?
If not, start there.
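
The remote include described in the question (a URL passed in `page` and pulled in by index.php) is closed by never building the include path from the request, and the reply's advice to log from the script fits in the same place. The following is an added example, not code from either poster; the page keys, the `pages/` directory and the function names are assumptions, and it targets PHP 7.1 or later.

```php
<?php
// index.php - allowlist router for ?page=... (hypothetical names throughout).
// The request value is only ever used as a lookup key, never as a path or URL,
// so a value such as "www.example.org/tool" or "../../etc/passwd" cannot be included.
// Defence in depth: keep allow_url_include = Off in php.ini (the default since PHP 5.2).

const PAGES_DIR = __DIR__ . '/pages';
const PAGES = [
    'home'    => 'home.php',
    'forum'   => 'forum.php',
    'contact' => 'contact.php',
];

function resolve_page($requested): ?string
{
    // Reject arrays (?page[]=x) and anything that is not a short lowercase key.
    if (!is_string($requested) || !preg_match('/\A[a-z0-9_]{1,32}\z/', $requested)) {
        return null;
    }
    if (!array_key_exists($requested, PAGES)) {
        return null;
    }
    return PAGES_DIR . '/' . PAGES[$requested];
}

function log_rejected($requested): void
{
    // Replace control characters so a crafted value cannot forge extra log lines,
    // and cap the length so one request cannot flood the log.
    $value = is_string($requested) ? $requested : gettype($requested);
    $value = substr(preg_replace('/[\x00-\x1F\x7F]/', '?', $value), 0, 200);
    $ip    = $_SERVER['REMOTE_ADDR'] ?? '-';
    error_log(sprintf('rejected page param ip=%s value="%s"', $ip, $value));
}

$requested = $_GET['page'] ?? 'home';
$file      = resolve_page($requested);

if ($file === null || !is_file($file)) {
    // Every rejected value is recorded; repeated hits from one address are the
    // pattern the reply suggests looking for before deciding on a ban.
    log_rejected($requested);
    http_response_code(404);
    exit('Page not found');
}

include $file;
```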