Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Mar 2010
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question Web Site Security

    Can anyone recommend a web site security program?
    Site is hosting a database and written in php. Would like capability of securing various pages differently, login, ip tracking, user tracking, etc.
    Something not as complex as phpSecureSite.

  • #2
    New to the CF scene
    Join Date
    Mar 2010
    Location
    dallas, TX, usa
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    We've been hacked, on our shared linux servers hosted by both 1&1 and HeartInternet (yes we do realise we are the only common link between these) however I've been stunned by the indifference of both of these providers to and the lack of security support they've provided.

    We had an infection of the Trojan "Backdoor.PHP.C99Shell.w" which appears to have been planted by SQL script injection ( don't know how.... wish I knew how to prevent it in future).

    So. ...

    Does anyone know of security (anti virus etc) software I can run remotely on my shared service to make sure everything's clean.
    Are there any apps I can run all the time to detect this sort of thing(you'd think 1&1 and HeatrInternet would do this wouldn't you)
    How do I avoid a repeat performance (given that we already have all the latest updates of all the apps we use installed).

  • #3
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Quote Originally Posted by tran1986 View Post
    Does anyone know of security (anti virus etc) software I can run remotely on my shared service to make sure everything's clean.
    ClamAV.

    Are there any apps I can run all the time to detect this sort of thing(you'd think 1&1 and HeatrInternet would do this wouldn't you)
    Your host can't protect you against insecure|sloppy code. Only you can do that.

    How do I avoid a repeat performance (given that we already have all the latest updates of all the apps we use installed).
    Do a search for 'sql injection'.


    Edit: Btw, you really ought to start your own thread instead of hijacking someone elses thread.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •