Hacking link problem...

5 posts by 3 authors in: Forums > CMS Builder
Last Post: November 29, 2011   (RSS)

Re: [cfdesign] Hacking link problem...

By Dave - November 28, 2011

Hi Cheryl,

I did a quick search on google for specific hacked pages but it didn't return anything. It did say that your site may have been compromised, though. See:
http://www.google.ca/search?q=site:pmaonline.com

We've never had a security issue with our software, but have heard of lots of hacked site reports. The culprit is often common open-source scripts. These are so popular that hackers spend the time to write automated scanners that check thousands of sites for known vulnerable scripts.

As a first step, I'd check to see if anything has been added to the /.htaccess file in the root of your website. Sometimes they add some code there to only show pages when a user links in from a search engine which would explain why you can't always see the page yourself.

Can you let me know if you see anything out of the ordinary in your /.htaccess? Make sure your FTP program shows .htaccess files and check in these folders (also check for php.ini files):
/medical_staff/greybox/
/medical_staff/
/

Hope that helps. Let me know what you find. Thanks!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] Hacking link problem...

By (Deleted User) - November 29, 2011

Thanks! this did help!!!! I found a slew of files that were not suppose to be there... now I gotta figure out how to not have it happen again.....

Re: [cfdesign] Hacking link problem...

Sadly, this is a common problem which might have all kinds of causes. The most common is simply low quality shared hosting. All too often an insecure script running on a neighbouring account can be used to throw files "over the fence" onto your patch.

This assumes that the problem wasn't just a weak FTP username/password, or a myriad of other possible curses. [;)]

J.

Re: [InHouse] Hacking link problem...

By (Deleted User) - November 29, 2011

I do have shared hosting... the hosting company doesn't seem to think it was their issue... of course.... I changed passwords... and need to monitor a little closer.... Thankful for google webmaster tools.....