Has anyone come across this site before? http:// www[dot]zone-h[dot]org/en/defacements/view/id=3547668/ I just happened to browse one of my sites in development and noticed all the images were missing so I checked the folders and a bunch of them had been moved to another folder and 5 of them have had their permissions changed to 600 and I cant change them back. I then checked the stats pages to see where people had been coming from and came across the site above. It appears that people log their attacks on sites and get points for it. Nice!! Anyone want to try and hack their site?
I still don't know. I had the write protections as 777, stupidly! Thats probably how but I've changed the passwords just in case.
Maybe your site has a security flaws in it. Maybe the Operating System or certain application like MySQL, PHP or ASP. Please update to the latest patches or put up some firewall function in your server. If your server is a virtual hosting, you should ask you hosting provider to secure your site or you take off your server from the hosting provider.
I've had a similar problem. I'm using an Opensource CMS called E107. I've recently upgraded from version 0.6x to 0.7., but before I did that I was hacked constantly. What would happen is they uploaded a 'picture' that contained a script in it. How did they upload it? Well, E107's HTML area has a bug. I deleted it and didn't have problems since.
Yup.. you're right... Many CMS has a bugs here or there.. Some is so critical that make the CMS vurnerable to exploits either the lack of security in the coding or else. By the way, if you're implementing the CMS, be sure to update it regularly. Check the CMS forum for any bugs and their patches. Visit regularly these website www.opensourcecms.com for any CMS reviews. FYI, phpBB is more prone to attack because these CMS is very buggy... Nevertheless, try Mambo for your CMS.
I have heard zone-h.org Its a zone for hackers.... where people decide on a site and go n attack it.. each hackers has its nickname by which they r known! They show the sites they hacked and gains reputation... There is also Rankings of hackers like who did max hacking and the bigger n difficult hacking gives more points!
Yup.. you're right. But with VBulletin code is quite a propietary.. maybe it takes time for them to hijack it. If the VBulletin operator always remember to upgrade to the latest patch, then you don't need to worry.