1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How to check sites security

Discussion in 'Security' started by RPSPP, Feb 9, 2007.

  1. #1
    hiya
    i have practically finished my site again after it got hacked last night .. but was wondering if there was any way i can check it to see if there is any way someone could get in again. I obviously dont want to start adding links if its just gonna get ruined again.
    i have found out the way the 'person' got in last night, and think i have fixed that problem .. but with me not being an internet expert, i dont know if theres any other way they could get in .. or how to check if they could.
    Am i rambling ? lol
    Anyway, if anyone has any pointers on what to check, i would be extremely grateful :)
    Many Thanks
    Erica xx
    SEMrush
     
    RPSPP, Feb 9, 2007 IP
    mirainfo likes this.
    SEMrush
  2. needlehost

    needlehost Guest

    Messages:
    115
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #2
    help us out here.
    are you using a cms? php? if so, check your config file is not open. also, if its a homebrew cms you NEED to get someone to look over it for you, check all user inputs get cleared! second.
    change all your passwords, ALL, change mysql pass, mysql user, cpanel pass, cms pass and the email that cpanel sends emails to pass.
     
    needlehost, Feb 9, 2007 IP
    RPSPP likes this.
  3. RPSPP

    RPSPP Peon

    Messages:
    99
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #3
    :eek: sorry .. its a directory script i am using (php files)
    the config file .. what setting should that be on please ? and i will go and check it.
    I dont know what cms is, so am assuming i am not using it:confused:


    after last night when my site got hacked, i have changed passwords of absolutely everything on every site i have, i have deleted the user and database and started again from scratch so they have diff names and pass's .. the email address associated with that cpanel was one from a different domain, but even so, every email password has been changed. talk about feeling paranoid lol

    Thanks for replying
    Erica xx
     
    RPSPP, Feb 9, 2007 IP
  4. wormy

    wormy Active Member

    Messages:
    1,112
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    80
    #4
    Well have you figured out how they got in the first time? That would be where I would start. And my own personal opinion is that the best way to tackle this problem site destruction by hackers is to firstly have a daily backup policy or a backup every time your site is changed if your content changes very little. And secondly to sacrifice time doing research and keeping up with the latest exploits, especially the widespread ones relating to PHP. Prevention and cure.
     
    wormy, Feb 11, 2007 IP
    RPSPP likes this.
  5. RPSPP

    RPSPP Peon

    Messages:
    99
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Thank you wormy
    My host had a look and said he couldnt see anywhere that anyone had got in illegally .. and someone else pm'd me and mentioned the fact that sometimes the database pass can be seen on some files (i didnt know this) .. and stupid me, i used the same password on the database as i did on my cpanel, and i hadnt even changed that from the basic pass that came with my hosting :eek: .. so in all probability thats how they got in .. i think its not a case of actual hacking is it, more a case of my stupidity :eek: :mad: :eek:
    anyway .. i have totally changed my way now. i spent a full day changing passwords to EVERYTHING that needed passwords .. this included ebay, paypal, forums, my sites, sites i had done for others, admins, all emails, you name it, i changed it .. they all now have random letters (mixed cases) numbers and characters. I backup EVERY time i change something and on my store site, i backup at the end of every day (so i get new customers and sales backed up) .. and i have lectured all my friends and family to be aware when using the internet.
    One of my sites has zencart on it, and i am always checking that i am up to date and that there is no new patches.
    On the site that got defaced, I have taken that script off. I have now started working on a different url and went for a more indepth one. I have signed up to their forum too and will watch out for patches and updates etc.

    I'll also do what you said about researching vulnerabilities etc in php.

    Many Thanks for you reply .. and sorry for the war and peace sized message back lol
    Erica xx
     
    RPSPP, Feb 12, 2007 IP
  6. rootbinbash

    rootbinbash Peon

    Messages:
    2,199
    Likes Received:
    88
    Best Answers:
    0
    Trophy Points:
    0
    #6
    if yo dont own the server and you dont know about nix system there is nothing to do
     
    rootbinbash, Feb 19, 2007 IP
  7. scdc

    scdc Peon

    Messages:
    31
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    I would recomend you install Tripwire on that host, very usefull to track changes in future.
     
    scdc, Feb 19, 2007 IP