Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Nov 2003
    Location
    Bloomsbury, London
    Posts
    102
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Exclamation How to identify security loopholes in a website that has been hacked to send spam?

    I've been informed by our webhost that one of our sites has been hacked. By gaining unauthorised access to the site, hackers have been able to send out spam using our domain name (using from: xyz@ourdomainname.com in the spam).

    We've been asked to remove these violated files and close any security vulnerabilities before the webhost can restore the site. We've been able to identify the files and removed them.

    However, how can we specifically pinpoint and close any security loopholes so that it doesn't happen again? The site is using lots of scripts etc. so we don't know where the vulnerability could lie.

    We've ran lots of sites since the 1990s and never had a single security violation, so this situation is a new one to us.

    Thanks a million for any advice.
    Domain Exhibit - premium domain names and websites with significant traffic | quote Coding Forums for additional 15% discount!
    Coding Freebies - free scripts and software worth hundreds of dollars

  • #2
    Regular Coder
    Join Date
    Oct 2004
    Location
    London E4 UK
    Posts
    320
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I can't help with any techy advice but is it shared hosting and of so with which host.

    And have you googled this issue with regards to that host? I only suggest this because I've had this a few times over the years with many users adamant that once a hacker has broken into one account they can get access to all the other domain on that server, although the hosting company refused to discuss the matter

    and of course someone that can hack a site can disguise the sending domain

    and do any of your scripts send email?

    and have any new files appeared on your domain?

    and has any new lines of code appeared in any of your likely scripts?

    change logins and ftp passwords

    all lo tech numpty stuff obviously


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •