Help
Over the last week, my server has been attacked a couple of times. I have mainly dynamic CMS sites on the server and have tried all I can to secure them using the usual sorts of protection and patching vulnerabilities in PHP etc.
But I just feel so stupid and so useless. I dont know who would want to attack me (or why) - does anyone else get this happen too them and how do you deal with it?
Page 1 of 1
Anyone else get hacked often? Feel stupid :(
#2
MH-Nick 
- Dedicated Member
-
- Group: Members
- Posts: 121
- Joined: 16-March 09
- Reputation: 7
- Gender:Male
- Location:London, UK
- Experience:Intermediate
- Area of Expertise:System Administrator
Posted 16 June 2011 - 08:08 PM
Chances are these attacks won't be targeting you personally, but will be completely automated.
To what extent is your server being hacked? And what damage is being done (if any)?
To what extent is your server being hacked? And what damage is being done (if any)?
#3
pbb76
- Forum Newcomer
-
- Group: Members
- Posts: 31
- Joined: 30-January 11
- Reputation: 0
Posted 16 June 2011 - 08:28 PM
Well my own business site was hacked over the weekend and my site was meta redirected to a page with an abusive message on it. Then just general attacks to gain access to databases.
Just feels very personal, but as I say, I have never crossed anyone in 12 years of doing this
Just feels very personal, but as I say, I have never crossed anyone in 12 years of doing this
#4
web-itec
- Expert
-
- Group: Members
- Posts: 533
- Joined: 23-March 11
- Reputation: 53
- Gender:Male
- Location:United Kingdom
- Experience:Advanced
- Area of Expertise:Web Developer
Posted 16 June 2011 - 08:41 PM
pbb76, on 16 June 2011 - 08:28 PM, said:
Well my own business site was hacked over the weekend and my site was meta redirected to a page with an abusive message on it. Then just general attacks to gain access to databases.
Just feels very personal, but as I say, I have never crossed anyone in 12 years of doing this
Just feels very personal, but as I say, I have never crossed anyone in 12 years of doing this
how "often" is this? if its often and youve changed your password for the server(assumingly), then its most likely automated(aka unlikely personal) OR you have a bad file on your server, check all the directorys for any odd files or other pages that may have had something changed on it then if it happens again just up your security
#5
rshosting
- Forum Newcomer
-
- Group: Members
- Posts: 54
- Joined: 23-March 10
- Reputation: 1
- Gender:Female
- Location:United Kingdom
- Experience:Advanced
- Area of Expertise:Web Developer
Posted 17 June 2011 - 04:46 AM
Just wish to confirm, is it the entire server being hacked, or your particular websites?
If its entire server being hacked, chances are, server has been compromised and needs attention. If it just your websites being hacked, then it is probably because of some vulneribility with the cms that you are using. Though you mentioned, you have applied patches etc.. I would also suggest you to check that no files or folders exist with 777 permissions.
If its entire server being hacked, chances are, server has been compromised and needs attention. If it just your websites being hacked, then it is probably because of some vulneribility with the cms that you are using. Though you mentioned, you have applied patches etc.. I would also suggest you to check that no files or folders exist with 777 permissions.
#6
UK Web hosting
- Advanced Member
-
- Group: Members
- Posts: 287
- Joined: 02-January 10
- Reputation: 9
- Gender:Male
- Location:UK
- Experience:Nothing
- Area of Expertise:Nothing
Posted 17 June 2011 - 05:39 AM
If you are using Cpanel Linux server I will suggest you to install Suphp, and modsec to avoid such attacks on php applications.
#7
timtamboy63
- Forum Newcomer
-
- Group: Members
- Posts: 79
- Joined: 22-June 11
- Reputation: 9
Posted 23 June 2011 - 09:35 AM
A few questions.
On your server, have you got a sysadmin? Tell him to check the firewall logs, and make sure csf is installed. If it isn't, fire him. If you don't have a sysadmin, hire one, or learn to secure your server properly.
Also, are you sure it's your server being hacked, not your website? You say you've secured everything, but how good are you at securing?
On your server, have you got a sysadmin? Tell him to check the firewall logs, and make sure csf is installed. If it isn't, fire him. If you don't have a sysadmin, hire one, or learn to secure your server properly.
Also, are you sure it's your server being hacked, not your website? You say you've secured everything, but how good are you at securing?
#8
SniderDK
- Expert
-
- Group: Members
- Posts: 697
- Joined: 01-November 08
- Reputation: 88
- Gender:Male
- Experience:Web Guru
- Area of Expertise:Web Developer
Posted 24 June 2011 - 01:50 PM
Hmmm I don't often do this, actually ive never given security work away but i also have empathy for how powerless it must make you feel, PM me some contact info (skype,gtalk or email) if you like and i will help you out for free... i wont be offended if you don't take the help of someone random 
I try not to expose my identity on here but will via private communications so you can check me out make sure im good and all that
also... im in and out at the moment so might not reply right away
I try not to expose my identity on here but will via private communications so you can check me out make sure im good and all that
also... im in and out at the moment so might not reply right away
Share this topic:
Page 1 of 1