I have encountered several times the last few weeks that our installation of CMS Made Simple has been hacked and harmful scripts etc. has been installed on our web server.
I have followed the guidelines for access rights on web server, but somehow hackers has gained access.
Today I needed to bring the webpages down once more (third time in 3 weeks)- and need to make a new clean installation and search through all data in MySQL to check for any harmful scripts.
Anyone who has encountered the same issues?
We are running the latest version of CMS Made Simple, and all modules!
There where some security issues with News earlier this summer/fall, but are there still "back doors" and errors that can be exploited by hackers?
I am very frustrated right now!
Hope for a quick response and suggestions!
TKS in advance.
Is CMS Made Simple - Secure enough?
Re: Is CMS Made Simple - Secure enough?
I figure I for sure can say NO, none that are known ... I trust the dev team they will patch every exploitable error as soon as possible... they always havegdal1 wrote:are there still "back doors" and errors that can be exploited by hackers?
I guess you won't get an answer from the dev team on your post. It has a great lack of all the necessary details, like server logs etc...
Did you contact your host?
I have many sites running for years without any problem
Re: Is CMS Made Simple - Secure enough?
Regarding to the information that you give is no real reply possible. Without knowing what/how was done it is hard to tell how the attack was done. There have been exploits (mostly fixed before the exploit was published even), and there have been hacks. But most hacks were not CMSMS related, although they effected CMSMS. There have been numerous that were hacked on shared servers, where access to one, gave access to all, including cmsms domains. Also was there a FTP hack last summer, where the passwords were taken from FTP-sessions, these led to access of servers (sometimes to multiple domains because of the shared server) and to hacks of sites as well.
Another option would be that there was a single attack, but that you didnt clean all infected files on the first and second try.
Ronny
Another option would be that there was a single attack, but that you didnt clean all infected files on the first and second try.
Ronny
Re: Is CMS Made Simple - Secure enough?
It's always possible some hacker found a hole that no-one ever thought off, but if that was the case and that hacker was exploiting that leak, then I think a lot more people would be having problems. It ain't so hard to find CMS Made Simple website using regular search engines, and I don't think random spam distributors would be picky about which website to infect.
So, my best bet is that it's an FTP/webhost hack. You should have changed all passwords of your FTP accounts, admin panels, MySQL users, everything. You should also have checked your entire host for malicious scripts, not only the public_html folder but every folder you have access to. And last but not least, you should check ALL computers that EVER login to your FTP for viruses. It's well known that a lot of website hacks begin with a keylogger on the webmasters computer.
And, if you have the choise, use sftp or ftps to login to your webhost.
But again, this is just a wild guess, only your serverlog can tell you what really happened.
So, my best bet is that it's an FTP/webhost hack. You should have changed all passwords of your FTP accounts, admin panels, MySQL users, everything. You should also have checked your entire host for malicious scripts, not only the public_html folder but every folder you have access to. And last but not least, you should check ALL computers that EVER login to your FTP for viruses. It's well known that a lot of website hacks begin with a keylogger on the webmasters computer.
And, if you have the choise, use sftp or ftps to login to your webhost.
But again, this is just a wild guess, only your serverlog can tell you what really happened.
