On 4/29/10, Al wrote: > Ross had a good suggest about planted links to external malicious sites. One > of > the sites I worked on a couple of years ago had this happen. They ask me to > look > into it. > > There were about 90 htaccess files that redirected the user to a malicious > site > whenever there was an error, 404 etc. > > About 400 html files had a javascript appended on the end that sent the > visitor's IP and the file's complete URL to a website in Russia. > > About 300 php files had some php code that generated html code had likewise > sent > the visitor's IP and the file's complete URL to a website in Russia. [snip remainder of horror story] How do people get their sites into this state? Is it just me, or wouldn't a regular comparison of MD5s of the site contents with SCM contents stop most of that kind of thing (after the event, but still, better that than continue in that state). -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
