**Lets help to fix vulnerbility from hotscripts clone here**

Discussion in 'PHP' started by basketmen, Dec 15, 2007.

0
  1. #1
    you can get hotscripts clone for free in this thread


    but this script is have vulnerbility, my site had been hacked twice using this script




    please share your knowlegde to fix vulnerbility from this script




    i've got this information about what file that need to fix from http://www.milw0rm.org/exploits/4633


     
    basketmen, Dec 15, 2007 IP
    hogan_h likes this.
  2. MMJ

    MMJ Guest

    Messages:
    460
    Likes Received:
    12
    Best Answers:
    0
    Trophy Points:
    0
    #2
    MMJ, Dec 15, 2007 IP
  3. alph

    alph Well-Known Member

    Messages:
    508
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    108
    #3
    Partial solution is to simply stick an .htaccess file in your siteadmin folder that only allows your IP.

    something like...

    order allow,deny
    allow from 1.1.1.1

    This won't stop them from getting admin user and password but it will stop them from using it to login at least.
     
    alph, Feb 14, 2008 IP