I was hacked again today and I thought that my security was infallible. Hacked one time before because I only used four URL parameters, (one of which was a 14 character password) and I think the hacker discovered the URL.
To prevent this and only while updating the site, I hard-code my IP-Address, which must match my $SERVER['REMOTEADDR'] to allow for adding and/or editing records. I thought that this method would have prevented others from logging in? When finished updating I remove the IP=Address.
How can prevent this from re-occurring?
The web-page may may still be live and can be checked here:
If it does not correspond to the partial screen dump then the cache has timed out and the replacement record has kicked in.
Unfortunately it could have not happened at a worse time because I am just about to set off up country for five days and will only have Wifi on my tablet
As I've recommended before, ask your host to run repetitive "maldet" scans until nothing untoward appears. The "maldet" scan is really good at identifying malware on your server.
Have a Very Merry Christmas!
Many thanks for taking the time to check the site.
I scanned the site for more virii/virus/viruses (SP) using Host Virus Scanner powered by ClamAV and fortunately none were found. I have not tried "maldet".
I think what may have happened is when updating the application version the site was compromised. It is now about ten days since this occurred and everything now seems OK.
Merry Christmas and a Happy New Year.
You're welcome, John, and I hope you had a Very Merry Christmas, too. Just stay sober and you should be able to dodge the drunks on New Years Eve!
This topic is now closed. New replies are no longer allowed.