------------ Original Message ------------
> Date: Friday, October 03, 2014 21:24:52 +0200
> From: Carlos Medina <info@xxxxxxxxxxxxxxxxxx>
> To: php-general@xxxxxxxxxxxxx
> Subject: Re: hacked!!
>
> Am 03.10.2014 um 16:46 schrieb Jim Giner:
>> My first time experiencing this. Suddenly Google has warned me
>> that my site is hacked and I have found a couple of files that
>> indeed did have some malicious code added to them. My question
>> here is: Does this mean someone figured out my site password in
>> order to gain ftp access? I am very careful of my passwords so
>> I'm shocked to see this happen. Any passwords stored in my files
>> are stored outside of the web-accessible tree so I am puzzled.
>>
>> Any advice appreciated.
> Hi Jim,
> do this:
>
> 1.- Change your passwords
> 2.- Update or reinstall your Server
> 3.- Update your Software on the Server
> 4.- Dont forget to update ALL your certificates (ssl)
> 5.- Configure your Server and Software in the future better
> 7.- Be carefully with programming
>
> Regards
>
> Carlos
>
He's on shared hosting, so only some of these are options for him.
However, this does raise the issue that he should review all
directories/files (not forgetting to look for hidden
directories/files) that he controls on his site (including those
outside the web server tree) to make certain that nothing else has
been added/altered. Doing a full restore from a clean (before known
incident data) backup is generally the advised approach.
- Richard
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
