Sounds like someone replaced their INDEX.PHP with something else. Short answer: You can get the INDEX.PHP back if you restore it from a backup copy you should have. If you don't have a backup copy, then you can't get it back most likely (unless it's on a system that you can manage to undelete from, but chances are it's been over-written by now). The bigger question is "How do we keep someone from replacing our PHP scripts again?". I'd do some research on PHP security. Cross Site Scripting vulnerabilities are big these days and many (all? Need to do more research) can be handled by the PHP developer by scrubbing user input sufficiently to make it impossible. Also, keep up with the latest versions of PHP as they tend to patch security issues that are known to exist (can't patch something that nobody's reported though). And the biggest "must do".... Keep backups. If you gotta, you can always just copy over the hacked pages with a few copy of your latest/greatest PHP scripts. Good luck. -TG > -----Original Message----- > From: raditha dissanayake [mailto:jabber@xxxxxxxxxxx] > Sent: Sunday, November 14, 2004 8:51 AM > Cc: php-general@xxxxxxxxxxxxx > Subject: Re: Hacking attempt > > > and what exactly is a hacking attempt? > > The Doctor wrote: > > >One of our customers how has > >Hacking attempt on their index.php instead of their regualr page. > > > >What caused this and how do we get the regualr page back? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
