Suggestion for hacked sites
Suggestion for hacked sites
Hi
I think CMSMS is a great program, the only problem I have had is I have had 6 sites hacked in the last 6 months. Usually spammers.
Yes They may not have been the latest versions.. but they were close. The problem is once the site has been compromised it is difficult to find and remove non CMSMS files.
My suggestion is to have a feature in admin that compares the files in the site with the files for the release. and lists all non CMSMS files. content compare would be even better except for files that change config etc.
Thanks for your consideration and keep up the great work
Keith
I think CMSMS is a great program, the only problem I have had is I have had 6 sites hacked in the last 6 months. Usually spammers.
Yes They may not have been the latest versions.. but they were close. The problem is once the site has been compromised it is difficult to find and remove non CMSMS files.
My suggestion is to have a feature in admin that compares the files in the site with the files for the release. and lists all non CMSMS files. content compare would be even better except for files that change config etc.
Thanks for your consideration and keep up the great work
Keith
Re: Suggestion for hacked sites
I dont know how recent your versions are, but since at least 2 years, the version have SystemVerification inside, which can compare the original files with the current ones in the install. The check-file is downloadable in the Download-area, and can be compared to your install.
Ronny
Ronny
Re: Suggestion for hacked sites
anyway a lot of softwares do this, in FTP mode also
Re: Suggestion for hacked sites
Thanks for tip Ronny,
I had missed this feature... if it lists additional non cmsms files it would be what I need. but I just tried it and it didn't list any of the files I had uploaded in the site so I suspect it wont find additional spammer files???
anyone know??
Keith
I had missed this feature... if it lists additional non cmsms files it would be what I need. but I just tried it and it didn't list any of the files I had uploaded in the site so I suspect it wont find additional spammer files???
anyone know??
Keith
Re: Suggestion for hacked sites
malicious code are into database normally, and overwrite/modify or add code into your template, news, css, article ...
search <__iframe> tag calling external site or other <www> into database
bye
search <__iframe> tag calling external site or other <www> into database
bye
Re: Suggestion for hacked sites
Which software for example?anyway a lot of softwares do this, in FTP mode also
Can you name any?
Would find that information very helpful.
Thank you.
Re: Suggestion for hacked sites
I use Beyond Compare that's an ftp client also.
N.B. .hope I'm not infringing forum rules when quoting commercial product
anyway try googling "file compare" for a free one
N.B. .hope I'm not infringing forum rules when quoting commercial product
anyway try googling "file compare" for a free one
Re: Suggestion for hacked sites
Thank you very much.
Re: Suggestion for hacked sites
In terms of checking. You can generate your own checksum as well. This means that you can test the default upload/install. Whne you installed modules etc, you can go to SystemVerification, and create a set for your current setup. And use that for comparison at a later moment.
Ronny
Ronny
Re: Suggestion for hacked sites
@RonnyK
have you ever seen a site has been hacked through
modification of php files ? most of them are hacked via db, I suppose
thanks
have you ever seen a site has been hacked through
modification of php files ? most of them are hacked via db, I suppose
thanks
Re: Suggestion for hacked sites
gianpiero,
most hacked sites that I saw, where indeed modified php-files. They mostly originated from x-access on shared-hosts.
Ronny
most hacked sites that I saw, where indeed modified php-files. They mostly originated from x-access on shared-hosts.
Ronny
Re: Suggestion for hacked sites
Most hacks are thru SHARED hosting accounts.
To find if your site is still infected, download whole site by FTP, and scan those files with Avast!
Search for my posts on this.
To find if your site is still infected, download whole site by FTP, and scan those files with Avast!
Search for my posts on this.