11
DonXoop
Re: My site got hacked...

Many people are hosted on systems that have register_globals On and don't have the ability to turn it off. If they are lucky they can use an .htaccess file.

I suggest you have at lest one .htaccess file in the XOOPS root dir with:
================
php_value register_globals 0
================

You can then us a phpinfo() file to verify the settings. A quick easy trick is to put a typo in .htaccess and see if you get an error page, then you know if .htaccess is being parsed. If you can't do either and the settings are insecure than I'd consider a new provider.

If you have a module that must use register_globals On and you're willing to risk it then place an .htaccess file in that module's dir with:
====================
php_value register_globals 1
====================

The value is only valid from that module's path and deeper.

12
hpaco
Re: My site got hacked...
  • 2004/2/26 3:12

  • hpaco

  • Just popping in

  • Posts: 12

  • Since: 2004/2/21


hey another one!
Today my site desapear I went in and there was only ome file left mainfile.php I send a mail to support and they restore it at no cost, but then i upgraded to 2.0.6 (the site was again fully functional) and I cannot log in! No body can login what can I do??

thanks

Login

Who's Online

300 user(s) are online (189 user(s) are browsing Support Forums)


Members: 0


Guests: 300


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits