1. Welcome to DNTrade. If you want to find out about the latest domain name industry news or talk, share, learn, buy, sell, trade or develop domain names - then you've come to the right place. It's a diverse and active community, with domain investors, web developers and online marketers - and it's free! Click here to join now.
    Dismiss Notice

My site is getting constantly hacked. Any Idea's

Discussion in 'Web Development' started by geodomains, Dec 19, 2010.

  1. Bacon Farmer

    Bacon Farmer Membership: VIP

    Joined:
    Jan 21, 2009
    Messages:
    948
    Likes Received:
    603
    If only I'd read those 3 PHP books I bought myself last Xmas I'd understand what you just said :confused:

    Incidentally FYI if you ever wanted one of the Sitepoint books go here http://sale.sitepoint.com/ subscribe and then wait till the final offer on the 24th.
     
  2. ant

    ant Membership: Community

    Joined:
    Feb 2, 2010
    Messages:
    23
    Likes Received:
    0
  3. DnEbook

    DnEbook Membership: VIP

    Joined:
    Jun 26, 2008
    Messages:
    6,316
    Likes Received:
    828
    and it's crap music too !
     
  4. geodomains

    geodomains Membership: VIP

    Joined:
    Aug 18, 2008
    Messages:
    841
    Likes Received:
    101
    auDA Member:
    Yes
    Yes ant it was hacked again last night, this guy has too much time on his hands, loves to waste my time.

    I've now updated all new passwords including admin as this was not done yesterday. I'd love to get my hands on this low life.

    Don
     
  5. ant

    ant Membership: Community

    Joined:
    Feb 2, 2010
    Messages:
    23
    Likes Received:
    0
    Quick checklist of passwords to change after a server gets hacked.
    These must all be changed at the same time... if you forgot one of them then go and change ALL of them again.
    root user password.
    any user with sudo permission.
    the database user password.
    passwords for users referenced in .htaccess files.
    all the users in the mysql database.

    Blocking SQL injection is good solution for the future, but once the horse has bolted make sure you close the door too.
     
  6. geodomains

    geodomains Membership: VIP

    Joined:
    Aug 18, 2008
    Messages:
    841
    Likes Received:
    101
    auDA Member:
    Yes
    Yes mate these are all done now at the same time.

    Cheers
    Don
     
  7. geodomains

    geodomains Membership: VIP

    Joined:
    Aug 18, 2008
    Messages:
    841
    Likes Received:
    101
    auDA Member:
    Yes
    First morning I've seen my site back to normal, they tried again last night for hours and had no success, so hopeful this will be the end of it. :D

    Don
     
  8. DavidL

    DavidL Membership: VIP

    Joined:
    Jun 18, 2008
    Messages:
    2,613
    Likes Received:
    19
    auDA Member:
    Yes
    Hacking becoming a greater and greater problem isn't it?

    Google are now warning about hacked sites (they have done with malware warnings for a while)

    [​IMG]
     
  9. geodomains

    geodomains Membership: VIP

    Joined:
    Aug 18, 2008
    Messages:
    841
    Likes Received:
    101
    auDA Member:
    Yes
    Yes David, they probably only go for high profile sites too, like mine. :D

    Don
     
  10. Luke

    Luke Membership: Community

    Joined:
    Dec 18, 2010
    Messages:
    148
    Likes Received:
    0
    Good work - I hope you've stopped them in their tracks! :)