View Full Version : security problems

10-29-2009, 02:08 AM
ok im not sure how this is happening, but several of my websites keep getting footer.php file hacked into and a Malware javascript gets added to the bottom of the code... the file permission is set to 644 and the cpanel password was just changed to something extremely random/secure... im not sure how they keep getting in. i asked the host to look into it and they said there's no record of any SSH hacking or anything..... and there are no editors that change anything on footer.php so it isnt a problem in my admin script.... frustrating

10-29-2009, 03:02 AM
This could be anything. Odd considering your 644. You probably want someone you trust to have a proper look around the server.

10-29-2009, 03:32 AM
My guesses in decreasing order of probability -

Your admin script allows someone who is not logged in to access the content on your form/form processing pages.

You are including files in your admin script that when browsed to directly don't care about the log in check on your admin pages.

You have an upload function that allowed a script to be uploaded that then allowed a hacker to do anything he wanted to your site.

You are including content based on a GET parameters and allow_url_fopen/allow_url_include permitted raw php code to be included and executed on your server.

SQL injection allowed a hacker to either obtain your admin script password and/or create his own admin account that then permitted access to the content in your scripts.

It would take seeing your code to determine which one(s) of these or any other possible exploits exist.

10-29-2009, 03:57 AM
well none of my scripts include anything from $_GET vars, and my admin doesnt manage any php files... and the logins for the admin are HTACCESS and not stored in a database.... and there are no upload forms outside of the htaccess-protected admin area. so im not sure what is going on.