Antworten: 18
Seite [1] |
|
 esse999Beginner Beiträge: 8 |
# Thema - 03.11.2011 um 21:41 Uhr
I installed the CMS two week ago, in a non primary folder, a testing folder in the second level but today someome hack my index page of CMS. How can I prevent this? They hacked my website more faster than i used the old phphnuke!  PS: the version is 2011.2 Zuletzt editiert von esse999 am 03.11.2011 um 21:41 Uhr (1x Editiert)
|
Inaktiv |
|
 ichraffsnicht  Supporter  Herkunft: Erdeborn bei Lutherstadt Eisleben Beiträge: 3191 |
# Antwort: 1 - 03.11.2011 um 21:52 Uhr
link to this page? logs? more infos? its like: "hey, someone has knocked on my door! Who is it?" please give us more infomations! ------------------      |
Inaktiv |
   |  |
| esse999 Thread-Ersteller Beginner Beiträge: 8 |
# Antwort: 2 - 03.11.2011 um 22:09 Uhr
The website is www.deltalasertag.it/dlt I did set a more restrictive access for users and guests but nothing. the install files was removed |
Inaktiv |
| |
| palle Supporter  Beiträge: 3073 |
# Antwort: 3 - 03.11.2011 um 22:14 Uhr
㰀䠀䔀䄀䐀 ... Is this the same as phpnuke? ------------------ I like the part where it says 'nyan'  Zuletzt editiert von palle am 03.11.2011 um 22:23 Uhr (2x Editiert) |
Inaktiv |
| |
| esse999 Thread-Ersteller Beginner Beiträge: 8 |
# Antwort: 4 - 03.11.2011 um 22:23 Uhr
It was an example, phpnuke was an old cms i used years ago with high level of hacking. However i don't understand how they find my website, i uploaded 2 week ago and i never sent links o visibility. |
Inaktiv |
| |
| Jam2 Highlander  Beiträge: 3291 |
# Antwort: 5 - 03.11.2011 um 22:24 Uhr
I don't think that they have hacked your ClanSphere installation. I think they hacked your ftp (trojan....)  btw. reupload index.php, change ftp passwd, check antivir, ect. However i don't understand how they find my website, i uploaded 2 week ago and i never sent links o visibility. ?
------------------ Gruß/ Best regards Jam2 Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes) Template Switch for index.php Board Navlist last posts Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota..... Edi: hö ? Jam2: nichts ist unmöglich! Zuletzt editiert von Jam2 am 03.11.2011 um 22:25 Uhr (1x Editiert) |
Inaktiv |
| |
| esse999 Thread-Ersteller Beginner Beiträge: 8 |
# Antwort: 6 - 03.11.2011 um 22:25 Uhr
We are using a joomla CMS in parallel and it's not hacked or modified |
Inaktiv |
| |
| Jam2 Highlander Beiträge: 3291 |
# Antwort: 7 - 03.11.2011 um 22:28 Uhr
So on... We need Server Logs you should now do -> reupload index.php -> deactivate "explorer"-modul (only with this modul someone can edit datas in clansphere) -> change pws ------------------ Gruß/ Best regards Jam2 Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes) Template Switch for index.php Board Navlist last posts Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota..... Edi: hö ? Jam2: nichts ist unmöglich! |
Inaktiv |
| |
| esse999 Thread-Ersteller Beginner Beiträge: 8 |
# Antwort: 8 - 03.11.2011 um 22:33 Uhr
03.11.2011 um 22:28 Uhr - Jam2: So on... We need Server Logs you should now do -> reupload index.php -> deactivate "explorer"-modul (only with this modul someone can edit datas in clansphere) -> change pws Ok, for server log i need to tell to my provider. i think and i hope i was the explorer module exploit.
|
Inaktiv |
| |
| Jam2 Highlander Beiträge: 3291 |
# Antwort: 9 - 03.11.2011 um 22:35 Uhr
iI don't know any exploit of explorer modul. only if index.php have got something like chmod 777 it is possible to change it with explorer modul ------------------ Gruß/ Best regards Jam2 Nützliche Forumbeiträge/Codepastes: (Useful comments in our board / codepastes) Template Switch for index.php Board Navlist last posts Edi: könnte man denn auch hier eine erweiterung einfügen?
Jam2: das web ist wie toyota..... Edi: hö ? Jam2: nichts ist unmöglich! |
Inaktiv |
| |
 ev0lutionGeekboy  Beiträge: 1103 |
# Antwort: 10 - 03.11.2011 um 22:58 Uhr
i dont its truth. u would be the first one ... ------------------  |
Inaktiv |
| |
| hajo VIP - Poster  Herkunft: Barsbüttel Beiträge: 9411 |
# Antwort: 11 - 03.11.2011 um 23:09 Uhr
well, we haven't heard of a clansphere hack for many month now, but i won't guarantee 100% security. on the other hand we should - at first - try to find out what happened in detail. ------------------ ClanSphere - professional clan care starts here |
Inaktiv |
| |
| esse999 Thread-Ersteller Beginner Beiträge: 8 |
# Antwort: 12 - 03.11.2011 um 23:36 Uhr
Refresh my link, they uploaded a image.......... |
Inaktiv |
| |
 kerryj88Try to beat me  Herkunft: Northampton Beiträge: 107 |
# Antwort: 13 - 04.11.2011 um 10:09 Uhr
you sure you chmod correctly on my server the chmod is the opposite to what is recommened on csphere instructions ------------------ www.b2g-clan.co.uk European PS3 Clan 
|
Inaktiv |
| |
| ichraffsnicht Supporter Herkunft: Erdeborn bei Lutherstadt Eisleben Beiträge: 3191 |
# Antwort: 14 - 04.11.2011 um 13:08 Uhr
@kerryj88 opposite chmod-settings? i think you are crazy ;-) ------------------ |
Inaktiv |
| |
| hajo VIP - Poster Herkunft: Barsbüttel Beiträge: 9411 |
# Antwort: 15 - 04.11.2011 um 14:10 Uhr
clansphere does only need 755 or higher for the uploads directory and recursive directories in it, depending on the webserver configuration. for other files / directories even 644 and lower can and should be enough. ------------------ ClanSphere - professional clan care starts here |
Inaktiv |
| |
| kerryj88 Try to beat me Herkunft: Northampton Beiträge: 107 |
# Antwort: 16 - 06.11.2011 um 00:03 Uhr
04.11.2011 um 13:08 Uhr - ichraffsnicht: @kerryj88 opposite chmod-settings? i think you are crazy ;-) mine are 644 as 755 doesnt work no idea why but i cant even install files with 755 ------------------ www.b2g-clan.co.uk European PS3 Clan
|
Inaktiv |
| |
| esse999 Thread-Ersteller Beginner Beiträge: 8 |
# Antwort: 17 - 14.11.2011 um 10:36 Uhr
I thi nk the problem was the explore module, without it all running good. We received more attacks but all stopped without problem. We disabilited the module. Zuletzt editiert von esse999 am 14.11.2011 um 10:36 Uhr (1x Editiert) |
Inaktiv |
| |
| hajo VIP - Poster Herkunft: Barsbüttel Beiträge: 9411 |
# Antwort: 18 - 14.11.2011 um 20:32 Uhr
the explorer mod can be removed from clansphere without any issues, but clear the cache afterwards. if you get more details or urls on how they tried to hack you please provide them to us so that we can work on a fix. ------------------ ClanSphere - professional clan care starts here |
Inaktiv |
| |
Antworten: 18
Seite [1] |
|
| Sie müssen sich registrieren, um zu antworten. |
