JBall Posted February 18, 2009 Report Posted February 18, 2009 I have some very unusual things appearing on my home page. Like half of someone else's site??? Have I been cracked? Quote
falkencreative Posted February 18, 2009 Report Posted February 18, 2009 Yes. Pull the site immediately until you can figure what's up. Visitors, I'm removing the link -- the site has some javascript exploits on it, and I don't want anyone to get affected. Quote
jlhaslip Posted February 18, 2009 Report Posted February 18, 2009 Shared Server? Do you know if open_basedir is activated? Do you have any files that are permissions 0777? How are the rest of the files? Quote
JBall Posted February 18, 2009 Author Report Posted February 18, 2009 Uhg.... Nope just that page. I'm pulling it now, dammit. Quote
falkencreative Posted February 18, 2009 Report Posted February 18, 2009 Just as an update... I may have overreacted. I don't know how your site is built, however, it has content from two different sites, and when I visited in Firefox3 on Windows XP, I got an alert from AVG Antivirus saying something about a javascript exploit. Quote
JBall Posted February 18, 2009 Author Report Posted February 18, 2009 Shared server? Um, yes I think so. At least I'm not paying for a dedicated one any ways. I moved all the files into a separate folder within my server. Will that do? Quote
JBall Posted February 18, 2009 Author Report Posted February 18, 2009 Um, well I used simple CSS, html to build it. I got the same notice when I tried to view the index page. the other pages seem fine though. Quote
falkencreative Posted February 18, 2009 Report Posted February 18, 2009 Yeah, that will do for the moment. I would take a look at the code you are using on your home page... First off, I'd just check that your code is correct. Secondly, what Javascript do you have on that page? it is possible someone has exploited a hole in the javascript which is giving you problems. Quote
JBall Posted February 18, 2009 Author Report Posted February 18, 2009 Shared Server? Do you know if open_basedir is activated? Do you have any files that are permissions 0777? I'm not sure what you are referring to, so I will say probably not? Quote
JBall Posted February 18, 2009 Author Report Posted February 18, 2009 Yeah, that will do for the moment. I would take a look at the code you are using on your home page... First off, I'd just check that your code is correct. Secondly, what Javascript do you have on that page? it is possible someone has exploited a hole in the javascript which is giving you problems. The only js running is Dreamweaver generated roll overs. The code is just how I wrote it, no changes at all. Could this simply be a HostGator thing? Quote
falkencreative Posted February 18, 2009 Report Posted February 18, 2009 I would definitely put in a service ticket with them... I don't know a huge amount about this sort of thing. Quote
JBall Posted February 18, 2009 Author Report Posted February 18, 2009 Thanks for your help, Ben. I'll do just that. :| Quote
jlhaslip Posted February 18, 2009 Report Posted February 18, 2009 (edited) Open_basedir affects the access to your account and potential access from others on a Shared Server. It is an Apache thing. It stops the risk of having another member of the Server add/access your files. http://help.godaddy.com/article/1616 http://phpsec.org/projects/phpsecinfo/tests/open_basedir.html'>http://phpsec.org/projects/phpsecinfo/tests/open_basedir.html *edit* try this: http://phpsec.org/projects/phpsecinfo/tests/ download the zip and take a look at the README file. Edited February 18, 2009 by jlhaslip Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.