RE: Hacking attempt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sounds like someone replaced their INDEX.PHP with something else.

Short answer:  You can get the INDEX.PHP back if you restore it from a
backup copy you should have.

If you don't have a backup copy, then you can't get it back most likely
(unless it's on a system that you can manage to undelete from, but
chances are it's been over-written by now).


The bigger question is "How do we keep someone from replacing our PHP
scripts again?".   I'd do some research on PHP security.  Cross Site
Scripting vulnerabilities are big these days and many (all? Need to do
more research) can be handled by the PHP developer by scrubbing user
input sufficiently to make it impossible.

Also, keep up with the latest versions of PHP as they tend to patch
security issues that are known to exist (can't patch something that
nobody's reported though).


And the biggest "must do".... Keep backups.   If you gotta, you can
always just copy over the hacked pages with a few copy of your
latest/greatest PHP scripts.

Good luck.

-TG

> -----Original Message-----
> From: raditha dissanayake [mailto:jabber@xxxxxxxxxxx] 
> Sent: Sunday, November 14, 2004 8:51 AM
> Cc: php-general@xxxxxxxxxxxxx
> Subject: Re:  Hacking attempt
> 
> 
> and what exactly is a hacking attempt?
> 
> The Doctor wrote:
> 
> >One of our customers how has
> >Hacking attempt on their index.php instead of their regualr page.
> >
> >What caused this and how do we get the regualr page back?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux