Title |
I've been hacked in templates dir |
Description |
executable uploaded and run |
Message Text |
I'm not seeing anyone else have this problem but I've experienced it. The templates directory is 777 to work but that also leaves a door open for hackers to write a script into that directory and it basically steals your bandwidth for illegal activities....that is what my vps host said and it was my conclusion before they investigated it. It completely took out my site by stealing all available bandwidth and everyone else gets a 404.
After this happening multiple times, I decided to do a complete new install and hope that something had changed so that the templates directory wasn't so open. I've tried to run it 766 but that gets the templates don't exist message so it only works wide open. The file that the hackers uploaded was one called bador and it was an executable file.
I'm giving it another go but I'm betting that darn file shows back up soon. It usually shows up within a few days of me fixing it. I've even tried to update to the newest version of php as one webmaster friend knew that some security issues were fixed in the latest version. The gallery runs great on version 5.04 if anyone is wondering.
Has anyone else had this happen or know of a prevention??? I'm at a loss on this. I run another very large website that receives millions of hits per mo. and I had to remove all programs that ran with full open directories unless they were cgi. They just kept getting hacked. I did this a long time ago and it made a huge difference.
I'm concerned I can't keep group or others from executing from that directory. I run wsnlinks on another site and never have problems there but haven't checked recently on whether permissions are the same. Any ideas on what to do? My vps host is getting a little perturbed with this and has threatened to cancel my account if I don't keep it from happening. I've once again got it up and running today. I completely scrapped my database and went with a complete new install. The site was doing great before all the hacking started but now it has lost a lot of traffic due to the problems. My forums were also hacked on that same site but a newer install fixed that problem and I was hoping the same would work here.
Here is the newest install if anyone wants a peek. It was skinned like the forums but I dumped that wrapper and am starting over.
http://www.stockphotosphere.com/morgue |
Rating |
0/5 based on 0 votes.
|
Ownership |
maegg |
Views |
787 views. Averaging 0 views per day. |
Similar Topics |
|
Submission Date |
Aug 21, 2005 - 10:45 PM |