All user input fields hidden or not should be hard coded, filtered, and sanitized before being handed off to php or a database which will prevent coding characters from being submitted and run through your software. In some cases you may still have coding which allows for injection. This coupled with our server side changes should prevent any resurfacing of the hackers efforts. "strong" password which includes upper case, lower case, numbers and NO COMPLETE WORDS OR NAMES! The cp password, the ftp password, and any ftp sub accounts. Change all passwords for that end user account. htaccess files, as hackers like to load re-directs into them.Ĥ. htaccess files through all of your domains in that end user.ģ. Such scripts allowed them to make account wideĬhanges, spam through your account, or spread their own. Remove any "rouge" files or php scripts uploaded by the hackers into your account. "default.cfm" pages as those are popular targets too.Ģ. On windows servers check any "default.aspx" or check all index pages for any signs of java script injected into their coding.
I suggest the following clean up procedure for both your accounts:ġ. The weaknesses were not server wide but rather just made it easier on a hacker to compromise individual end user accounts. We updated it, and changed some default settings to help prevent these coding compromises. Quote We have patched up the server and we found a weakness in PHP which was helping aid the compromise of some domains.
0 kommentar(er)
