Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Apr 2006
    Posts
    24
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Angry Is it a hacker or a robot?

    I happened to check the sourcecode of one of my webpages last week, I hadn't in months. I never thought to check up on it because it always looked fine. However, it was filled with spam, hidden inside of div tags... I deleted it all and now there is some spam again. Here is a sample:

    Code:
    <div id="lyrbms" style="position:absolute; width:147px; height:70px; z-index:1; left: -534px; top: -487px;">Learn how to setup your own <a href="http://www.ballisticmerchantservices.com">merchant account</a> that will enable you to <a href="http://www.ballisticmerchantservices.com">accept credit cards</a>.  If your business is classified as high risk, you should setup a <a href="http://www.ballisticmerchantservices.com/high_risk_merchant_account.asp">high risk merchant account</a>.  Here are some <a href="http://www.visamastercardlogos.com">credit card logos</a> to use on your website and shopping cart.</div>
    How the heck is it getting there and how can I prevent it? The page is a simple html page, no forms or functionality beyond links.

    Thank you in advance!

  • #2
    Senior Coder twodayslate's Avatar
    Join Date
    Mar 2007
    Location
    VA
    Posts
    1,042
    Thanks
    67
    Thanked 39 Times in 39 Posts
    Are you using a free host? Some hosts put spam in your code.
    twitter | Quality Hosting - $5.95/mo*
    Feel free to PM me!

  • #3
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,147
    Thanks
    2
    Thanked 333 Times in 325 Posts
    If you have absolutely no server side script files of any kind in any of your folders (actually you should check and make sure that all the files present are only the ones you put there) then there are two general possibilities -

    A script in some other account on the server has read/write privileges to your folders and files. This would indicate that the server permissions were either never setup correctly or have been compromised.

    Someone has guessed (or has a virus/key-logger on your's or an administrator's computer) a username/password for your control panel or FTP account or for an administrator's account or has somehow else obtained access to the server and is able to read/write your files.

    You should notify your hosting company that someone/something has modified files and you should also change all your passwords for your control panel, FTP accounts, and for any other remote means of accessing the server. Use good strong passwords that use both upper and lower case letters and numbers and are 8 or more characters long.

    I also assume that you have good, up to date anti-virus and firewall software running on your computer? It might be time to do a full system scan using them to help rule out the possibility that someone learned usernames/passwords from your computer.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #4
    Regular Coder
    Join Date
    Jul 2002
    Location
    Las Vegas, NV - USA
    Posts
    104
    Thanks
    0
    Thanked 0 Times in 0 Posts
    If you are using a free hosting provider, then you are getting what you paid for.

    If you are paying for the hosting and you are serious about the security of your site, I recommend signing up with a security scanning company.Assuming that someone didn't guess your password and the shared hosting provider knows what they're doing as far as sand-boxing everyone sharing the server, a good scanning company will let you know if all the latest vulnerability patches are applied and various back doors that hackers use are closed. We use several companies but I have personal experience with Security Metrics (www.securitymetrics.com).

    Good luck -- hope this helps.
    Steven Sommers (blog)
    Shift4 Corporation -- www.shift4.com

    Creators of $$$ ON THE NET(tm) payment processing services.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •