We were hacked
Posted: Sun Jul 16, 2006 1:28 am
I didn't keep the file around, but my server was hacked last night, replacing the index.html with something else. This didn't affect nissandiesel, but did mess up my personal site -- fortunately, the backups worked.
Hack entry was via an uploaded php script. I had neglected to harden the uploads directory to disallow php files from being interpreted after uploading. IOW, someone uploaded a php file, then pointed their browser to it and my server ran the php interpreter on it. Fixed -- I hope.
Hack entry was via an uploaded php script. I had neglected to harden the uploads directory to disallow php files from being interpreted after uploading. IOW, someone uploaded a php file, then pointed their browser to it and my server ran the php interpreter on it. Fixed -- I hope.