Hi All, I was wondering what happened, when i look into my images, javascript folders etc.. i see define.inc.php, settings.class.php, news2.class.php, article5.class.php files somehow injected automatically. I have google'd it and couldn't find any solution for this. Kindly help me to resolve this issue.
If the files aren't part of your CMS then the first thing to do is either move them or delete them. Then you need to use your FTP tool to change the permissions on those folders to 666. If the permissions were ok then you need to find the unsecure file in your install that gave the hackers access. What CMS are you using?
It sounds like you have an upload script somewhere on your site that's prone to malicious attacks. First, follow sarahk's suggestions to tighten up the directory permissions of your upload folder. Next, you need to track down your uploader code and perform the following: Do a file extension check on the file the user is attempting to upload. Make sure it ends in a valid file extension (array('gif', 'png', 'jpg', 'jpeg')). If you really want to be cautious, perform a file metadata lookup to try and determine the MIME type of the file using the Fileinfo PHP extension http://www.php.net/manual/en/ref.fileinfo.php When you upload the images, make sure you set their permissions to non-executable: i.e. 0644
i also facing above problem my forum whereas my site works but forum page show error and my memory load is also high
From your description it could be dozens of things. If we saw the complete error message we might be able to make a guess.