View Poll Results: Has ever malicious software been installed on your website(s) from outside?

Voters
13. You may not vote on this poll
  • Yes

    8 61.54%
  • No

    5 38.46%
Results 1 to 13 of 13
  1. #1
    Nandakishore's Avatar
    Nandakishore is offline In Memorium, 1935-2014
    Join Date
    December 2006
    Location
    In Germany near Munich
    Posts
    2,104
    Blog Entries
    5
    Thanks
    931
    Thanked 496 Times in 367 Posts

    Default Have you ever experienced a 'Hacker Attack' on your website(s)?

    My website experienced a Hacker attack on 21st September
    https://www.gpwa.org/forum/i-need-ur...lp-192269.html. Someone from outside had installed some malicious software on each page of the site, of course without our knowledge.

    It would be interesting to know how often such attacks happen with what kind of consequences and what measures are undertaken to prevent such attacks.

    In our case the immediate consequence was a message from Google warning that a visit to this site may harm the computer.

  2. #2
    SimonaB's Avatar
    SimonaB is offline Public Member
    Join Date
    October 2009
    Location
    Malta
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    It happened to me 3 times in two years as well.

  3. #3
    dassad is offline Private Member
    Join Date
    April 2010
    Location
    Romania
    Posts
    171
    Thanks
    6
    Thanked 35 Times in 23 Posts

    Default

    This happened to me only once. The problem was that i used a shared hosting and my site is Wordpress that is extremely safe but the virus came from another site. Practically the whole server was infected by this virus and all Wordpress installations.

    The virus added a piece off code to one off the standard implemented themes and transformed to a full file manager and uploaded a lot of viruses and files to the server. Looked funny, after that i hunted for the virus 2 days until i found all the infected files and found an option to clear it.

    When i was done and i was in safe i redirected the virus to google.com The funny thing was that the administration area on the Russian server after this redirected to google.com to However after all the server was cleaned by my little tool created in Delphi that i sent to the hosting company.

  4. #4
    Dominique's Avatar
    Dominique is offline Private Member
    Join Date
    March 2002
    Location
    The Boonies
    Posts
    4,777
    Thanks
    452
    Thanked 724 Times in 299 Posts

    Default

    I moved servers and it is almost impossible now to do anything to my sites.

  5. #5
    dassad is offline Private Member
    Join Date
    April 2010
    Location
    Romania
    Posts
    171
    Thanks
    6
    Thanked 35 Times in 23 Posts

    Default

    Sorry but i don't accept this. I think that nothing is impossible.

    Quote Originally Posted by Dominique View Post
    I moved servers and it is almost impossible now to do anything to my sites.

  6. #6
    Smoking's Avatar
    Smoking is offline Private Member
    Join Date
    January 2010
    Location
    New York
    Posts
    720
    Thanks
    355
    Thanked 157 Times in 136 Posts

    Default

    Quote Originally Posted by Dominique View Post
    I moved servers and it is almost impossible now to do anything to my sites.
    Nothing is Impossible


    Bet Source for Casino Affiliates
    Visit BubbleProtection.com Now
    Post a quality gambling related article in http://www.gamblingshares.com the up and coming Premier Gambling Article Site

  7. #7
    Doolally's Avatar
    Doolally is offline Private Member
    Join Date
    February 2003
    Location
    Scotland
    Posts
    4,584
    Thanks
    491
    Thanked 731 Times in 572 Posts

    Default

    Dominique did say "almost impossible." I'm sure she admits that it's never going to be 100% hacker proof but if you have the right security in place then you can get as near lock-down as possible.

  8. #8
    dassad is offline Private Member
    Join Date
    April 2010
    Location
    Romania
    Posts
    171
    Thanks
    6
    Thanked 35 Times in 23 Posts

    Default

    yes.. probably you have right and dominic realy knows what says and why says


    Quote Originally Posted by Doolally View Post
    Dominique did say "almost impossible." I'm sure she admits that it's never going to be 100% hacker proof but if you have the right security in place then you can get as near lock-down as possible.

  9. #9
    Smoking's Avatar
    Smoking is offline Private Member
    Join Date
    January 2010
    Location
    New York
    Posts
    720
    Thanks
    355
    Thanked 157 Times in 136 Posts

    Default

    100% but that changes every day.

    anytime a change or update is made to a site it can open up vunabilities. These are where openings occur and if you are targeted well


    Bet Source for Casino Affiliates
    Visit BubbleProtection.com Now
    Post a quality gambling related article in http://www.gamblingshares.com the up and coming Premier Gambling Article Site

  10. #10
    Doolally's Avatar
    Doolally is offline Private Member
    Join Date
    February 2003
    Location
    Scotland
    Posts
    4,584
    Thanks
    491
    Thanked 731 Times in 572 Posts

    Default

    I've had two sites hacked over the past year. I never really understood the reasoning behind the attacks though.

    The perpetrator created a directory with some bonus pages, no links, etc, on them then attracted 2-300 thousand links to the pages!

    I was ranking for all kinds of wierd stuff but I could never see the advantage for anyone. They were just boring text pages probably produced with an article re-writer. I just deleted the pages and informed Google about it so I wouldn't get any penalties.

  11. #11
    Simmo! is offline Public Member
    Join Date
    July 2004
    Posts
    893
    Thanks
    239
    Thanked 406 Times in 226 Posts

    Default

    I've experienced it twice, once in gaming once outside. The first time was a code injection designed to put links to other sites in my code. That site used Wordpress (an old version).

    The second time was to make my website host pages that were made to look like banks. They would then mass email people, point them at the fake banking page which in turn would send on the customers details.

    The most common exploits seem to be scripts that allow uploading/file management. So if you have any script that is used to upload images or files, or an admin (perhaps as part of a CMS) script that allows file uploads that is publically accessible there is a risk.

    The easiest way t prevent access is to password protect the directory those scripts are in but thats not always practical so there are other ways to protect against that:

    a) ensure that none of these files can get indexed by Google (they search for "known" strings that indicate upload scripts).

    b) rename any upload scripts to names that are totally unobvious. IE: If you have a script called "filemanager.php" rename it to "cms.php" or something equally innocuous.

    c) make sure the script validates the filename properly.

    Perl & PHP form scripts are also potentially dangerous if they take in parameters. Make sure they validate the parameters properly. I always check for max lengths and generally only allow alpha-numeric characters. I' no expert but that's some basic stuff that will help. I actually got attacked through a perl script some time back but the maxlength validation caught it thankfully.

    One other precaution you could take: create a simple recursive directory listing routine (with php start here) that checks file dates and emails you with a list of filenames that have changed then set it up as a CRON.
    Last edited by Simmo!; 27 September 2010 at 6:47 pm.

  12. The Following User Says Thank You to Simmo! For This Useful Post:

    Nandakishore (28 September 2010)

  13. #12
    dassad is offline Private Member
    Join Date
    April 2010
    Location
    Romania
    Posts
    171
    Thanks
    6
    Thanked 35 Times in 23 Posts

    Default

    good tips here.. or you ca simply DENNY it from .htaccess or simple permission settings. But this depends on, if you use that module or site part or plugin or something.

  14. #13
    Renee's Avatar
    Renee is offline Sponsor Affiliate Program
    Join Date
    August 2005
    Posts
    9,070
    Blog Entries
    6
    Thanks
    6,642
    Thanked 3,535 Times in 2,203 Posts

    Default

    I've never had my sick hacked, but have had my domain account logged into and all the details changed to someone in Turkey.

    I remember coming home from a night out and checking my email before I went to bed and had to sit on the phone to a guy in the states to get everything back online...

    Needless to say when I finally got into bed I was no longer drunk..
    __________________
    Renee, Affiliate Program Manager
    http://www.RewardsAffiliates.com
    Affiliate Program for CasinoRewards.com
    Best Affiliate Manager - CAP Awards 2008
    Best Casino Affiliate Manager - CAP Awards 2009
    Best Casino Affiliate Manager - iGB Affiliate Awards 2010

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •