Hi,
my website svnnews.in is hacked yesterday.
Now its showing some hackers messages.
I need my website back.Need suggestion to make my website hack free.
jacob21
0
Posting Whiz in Training
Recommended Answers
Jump to PostCheck for any log available, if you are using Apache server check for acces.log and error.log, then search and check for any uploaded file/image. In order to limit defacements you have to sanitize data, any POST, GET, COOKIE, PUT request: you have to check if you are receving the expected …
All 3 Replies
cereal
1,524
Nearly a Senior Poster
Featured Poster
Check for any log available, if you are using Apache server check for acces.log and error.log, then search and check for any uploaded file/image. In order to limit defacements you have to sanitize data, any POST, GET, COOKIE, PUT request: you have to check if you are receving the expected kind of data especially for those variables which will print the input in the pages.
Keep in mind: if you have a form from where a user can upload images or files, do you check the mime (and the sizes regarding the image)? If no, then it's simple to upload a script and replace the pages.
Read these:
As suggestion, create a copy of the current site and logs so you can study the problem offline, then, update your code and replace it. A part this, without more details it's hard to help, bye.
iamthwee
Re-upload clean php files, change your ftp logon details change all passwords, lock down files that don't need read/write access.
iamthwee
Oh and something that is commonly overlooked... Reformat the machine you're ftp'ing your files from. Sometimes it's the host machine that is the issue as there are spyware programs logging your keystrokes and broadcasting your ftp passwords etc over the internet.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.