A friend of mine keeps getting his servers hacked, and iframes get added to the pages. Does anyone here have an idea what can be done to stop it? Thanks a lot in advance. Mike
I have read on this forum about some code you can put in your pages that will break them out of others' iframes. Don't know if that would help with this scenario.
Here is what he told me ... we've seen both... PHP sites, and sites with nothing but HTML getting hit. There are also 2 kinds of attack: one sticks straight iframe text in, the other uses a self-decrypting JavaScript that writes the iframe to the users' browser.
I agree with ServerUnion, your friend needs to make sure the server is secure. It is not possible for someone to edit your page so that it contains frames and/or malicious JavaScript without having access to the actual document. This is not to say that going to your friend's site from another one cannot cause it to be displayed in a frame instead of on its own page -- or that any AJAX pages cannot be interfered with by a hacker who is managing to get someone to access your site from theirs.
Sounds very much like an XSS (Cross Site Scripting) issue here. Does the site allow users to input something to it? E.g.: post a message, add a comment, etc. If it does, you need to make sure that any HTML special characters (angle brackets, ampersands, quotes, et al.) are properly "sanitized", i.e.: angle brackets should be converted to &gt; and &lt;, ampersands to &amp;, quotes to &quot;, ...
Verify that the folder has only read/script access, no WRITE access. XSS is possible; just remove the interactive forms... one by one to see which one is getting hacked...
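The two injection kinds described in the thread and the write-permission check suggested in the last reply, as an added example that is not part of any post here: a Python scanner for a web root. The regular expressions, finding labels and function names are assumptions chosen for illustration, and the permission check assumes POSIX mode bits.

```python
import os
import re
import stat

# Kind 1 in the thread: a literal <iframe> that is hidden or sized to 0/1 px.
HIDDEN_IFRAME = re.compile(
    r"<iframe\b[^>]*(?:(?<![-\w])(?:width|height)\s*[=:]\s*[\"']?[01](?:px)?[\"'\s>;]"
    r"|display\s*:\s*none|visibility\s*:\s*hidden)",
    re.I,
)
# Kind 2: a script that decodes a string and then writes or evaluates it.
DECODER = re.compile(r"\b(?:unescape|fromCharCode|atob)\s*\(", re.I)
WRITER = re.compile(r"document\.write(?:ln)?\s*\(|\beval\s*\(", re.I)
SCRIPT = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
PAGE_SUFFIXES = (".html", ".htm", ".php", ".js")


def scan_text(text):
    """Return the set of finding labels for one file's source text."""
    findings = set()
    if HIDDEN_IFRAME.search(text):
        findings.add("hidden-iframe")
    # A file with no <script> tags (e.g. a .js file) is checked as a whole.
    for body in SCRIPT.findall(text) or [text]:
        if DECODER.search(body) and WRITER.search(body):
            findings.add("decoding-script-writer")
    return findings


def scan_tree(root):
    """Walk a web root; report suspect content and group/world-writable paths."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            if os.path.islink(path):
                continue  # symlink mode bits say nothing about the target
            found = set()
            # POSIX mode bits: can anyone besides the owner write here?
            if os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                found.add("writable-by-group-or-other")
            if os.path.isfile(path) and path.lower().endswith(PAGE_SUFFIXES):
                with open(path, encoding="utf-8", errors="replace") as fh:
                    found |= scan_text(fh.read())
            if found:
                report[os.path.relpath(path, root)] = found
    return report
```

Running `scan_tree` against a known-good copy of the site first shows which findings are normal for that code base, so later runs only need review where the report changes.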