|
Jul
10
|
|
|
As maybe some of our visitors noticed last weekend (08-09 July) our site got hacked by a -god knows how well known- "Persian Hacker". He or they have been pretty nice and did not erased the entire site as one may expected, but just dropped a new index page. The weak spot was the now famous simpleboard glitch covered by secunia here: http://secunia.com/advisories/20981/ As for the rest ...
i had to learn the hard way that not all 3rd party components are that well written as it is expected. I do not want to minimize the hard work these people do. God knows we all do mistakes and errors are the rule, not the exception in the programming development. What is to be adviced: do not install blindly any kind of components. Please check if the "standard" defined( '_VALID_MOS' ) or die( 'Restricted access' ); at the top of the PHP files. There are cases where this must be missing, but mostly it has to be there for security reasons. If you doubt, just ask the creator of the component / module The second lesson we learned is : back up your site, do it often and do it full There are for sure more script kiddies out there whitch won't limit themself to signature droppings or such "nice" things, but will delete the whole content just for the fun of it. Hope we all learn something from it, and appologies for the inconveniences that derved from these happenings.
Powered by !JoomlaComment 3.26
3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved." |
|||||||
| < Prev | Next > |
|---|