Website hacked again
Website hacked again
@ <www.puppylinux.org>
same problem as before, hundreds of evil hyper link referals hidden with this CSS tag
<font style='position: absolute;overflow: hidden;height: 0;width: 0'>
same problem as before, hundreds of evil hyper link referals hidden with this CSS tag
<font style='position: absolute;overflow: hidden;height: 0;width: 0'>
I wonder how this keeps happening, and is the site running the latest version of php-fusion? (6.01.13). Maybe there's a permissions issue on some of the files. I run php-fusion on five different sites and haven't had this problem.
If the site's running an older version of php-fusion, it could be a security issue that needs to be looked into.
If the site's running an older version of php-fusion, it could be a security issue that needs to be looked into.
[size=75]"Whatever is subject to origination is all subject to cessation." - [i]Kutthi Sutta[/i].
[color=darkblue]Dell PowerEdge SC430 Server | 2Gb RAM | Pentium 4 | SATA | Puppy 4.2[/color][/size]
[color=darkblue]Dell PowerEdge SC430 Server | 2Gb RAM | Pentium 4 | SATA | Puppy 4.2[/color][/size]
corrected
Whoever it is, he can access the root folder to change index.html and chmod files in a subdirectory.
Files restored again. Hope we can move soon to a new host.
Files restored again. Hope we can move soon to a new host.
Puppy user since Oct 2004. Want FreeOffice? [url=http://puppylinux.info/topic/freeoffice-2012-sfs]Get the sfs (English only)[/url].
Re: corrected
If the problem is with the site software, moving to a new host may only be a temporary fix.raffy wrote:Whoever it is, he can access the root folder to change index.html and chmod files in a subdirectory.
Files restored again. Hope we can move soon to a new host.
Re: corrected
I don't know how to read that. Were files restored? If so then the site has been compromised again, after my post.raffy wrote:Whoever it is, he can access the root folder to change index.html and chmod files in a subdirectory.
Files restored again. Hope we can move soon to a new host.
In any event it's compromised at the time of this post.
Re: corrected
True. Looking at the source code doesn't reveal what version of the portal it's using, but the latest version is 6.01.13. There were some security issues in the previous versions such as with photogallery.php, etc. - these were mostly sql injection problems which have now been fixed as far as can be seen.tlchost wrote: If the problem is with the site software, moving to a new host may only be a temporary fix.
[size=75]"Whatever is subject to origination is all subject to cessation." - [i]Kutthi Sutta[/i].
[color=darkblue]Dell PowerEdge SC430 Server | 2Gb RAM | Pentium 4 | SATA | Puppy 4.2[/color][/size]
[color=darkblue]Dell PowerEdge SC430 Server | 2Gb RAM | Pentium 4 | SATA | Puppy 4.2[/color][/size]
New website
The new website will use another CMS, see here.
Puppy user since Oct 2004. Want FreeOffice? [url=http://puppylinux.info/topic/freeoffice-2012-sfs]Get the sfs (English only)[/url].
Sort of. Our usual web admin at the present site, Puppian, has fallen by the wayside. There will be not 1 but 4 web admins at the new site.Bruce B wrote:Q: Are we changing web admins?
One of the four, yes.Bruce B wrote:Q: Is WhoDo the admin?
Nope. The new web site is running on Linux, Apache, MySql and PHP, all the latest versions. The new CMS is Drupal 5.7 at the moment, but will be upgraded to 6.x or maybe 7.x when things have settled a little on the development front. Security should be much better, as we aren't sharing a cluster with pron sites (as we apparently are at servage.net).Bruce B wrote:Q: Do you know if it's running on Microsoft? Reason I ask, is well, if I find it is, I'm not even going to care what happens to it.
Hope that helps.
[i]Actions speak louder than words ... and they usually work when words don't![/i]
SIP:whodo@proxy01.sipphone.com; whodo@realsip.com
SIP:whodo@proxy01.sipphone.com; whodo@realsip.com
WhoDo,
Nobody likes a spellchecker on forums. But this time, considering how sweet and naive you are, I wish to say we spell porn - porn not pron.
Of course I've never actually seen porn, I just live close to the porn capitol of the world.
My good looking nephew knows most of the porn stars, and they like him, but he won't do anything with them. He has some idea one of the hazards of the business are STDs whatever that is.
Bruce
Nobody likes a spellchecker on forums. But this time, considering how sweet and naive you are, I wish to say we spell porn - porn not pron.
Of course I've never actually seen porn, I just live close to the porn capitol of the world.
My good looking nephew knows most of the porn stars, and they like him, but he won't do anything with them. He has some idea one of the hazards of the business are STDs whatever that is.
Bruce
Oh yeah another comment WhoDo - about Microsoft and Windows.
Six, seven or eight years ago, I'd roll up my sleeves and help people with their Windows problems. Users didn't have much alternative back then.
Today, I think people use Windows by default of ignorance or because they want to. My feelings is let them have the full experience. I don't want to use what little technical expertise I have trying to make something I don't believe in look good.
Six, seven or eight years ago, I'd roll up my sleeves and help people with their Windows problems. Users didn't have much alternative back then.
Today, I think people use Windows by default of ignorance or because they want to. My feelings is let them have the full experience. I don't want to use what little technical expertise I have trying to make something I don't believe in look good.
There are some valid reasons that people use windows...and your "helpful" attitude might really assist them in seeing the wisdom of investigating the ever-friendly world of another OS.Bruce B wrote: Today, I think people use Windows by default of ignorance or because they want to. My feelings is let them have the full experience. I don't want to use what little technical expertise I have trying to make something I don't believe in look good.
Of course we can always blame windows for a web site that runs on a linux server using Apache and php applications for the site being hacked...or maybe the evil users who use windows and visit the site are somehow leaving traces of evilness after their visit.
I don't want to help these criminals. THAT IS A SERIOUS MORAL AND ETHICAL CONSIDERATION.tlchost wrote:Bruce B wrote:
There are some valid reasons that people use windows...and your "helpful" attitude might really assist them in seeing the wisdom of investigating the ever-friendly world of another OS.
Let me mention also that Microsoft is a serious enemy of FOSS - I'll take sides in the war Microsoft insists it must have.
I am a Linux advocate, and helping Microsoft is not part and parcel with my being a Linux advocate.
Microsoft are big boys and they can help themselves and their user base as they please.
If there are valid reasons for people using Windows as you say and I'm sure there are, then why would someone need or want another OS?
On the other hand if I use my talents, (which are actually good when I can get my hands on the machine) and I make Windows work right - what incentive for looking into an alternative?
Let Microsoft frustrate their customers and I'll just sit by and do my thing on Linux and help people with Linux. And like I imply, let the Microsoft users which are Microsoft's supports work through their frustrations as they decide if it is really worth it.
Over three thousands posts and most of them were helping people with Linux. Very, very few were helping people with Microsoft.
And by extension you would/will not help a windows user? Perhaps you are confusing Micrsoft and your negative feeling about them with folks who use their OS and/or applications?Bruce B wrote:
I am a Linux advocate, and helping Microsoft is not part and parcel with my being a Linux advocate.
Well, let's see:Bruce B wrote: If there are valid reasons for people using Windows as you say and I'm sure there are, then why would someone need or want another OS?
A. Someone might realize that no OS is best for ALL tasks, and thus uses
the OS that gives them the best results,
B. Someone values their time, and may be more comfortable using an OS/application that works out of the box without having to install libraries, etc.
C. Someone who earns money in the computer field might have a need to use more than one OS.
D. There may be applications a user wants/needs that in his/her opinion that are more efficient or exisit for a different OS.
E. Someone might be forced to use an OS because of a work environment, yet want to learn about another platform.
See aboveBruce B wrote: On the other hand if I use my talents, (which are actually good when I can get my hands on the machine) and I make Windows work right - what incentive for looking into an alternative?
Your bias and anti-Microsoft attitude is quite clear. It does nothing to help anyone, Microsoft nor Linux users alike.Bruce B wrote: And like I imply, let the Microsoft users which are Microsoft's supports work through their frustrations as they decide if it is really worth it.
In someways it reminds me of someone is shop class who has become an expert with a ball peen hammer...and who insists that there is no place for a claw hammer, or a box hammer.....it's a valid attitude, but folks who have other tasks than those of peening might find it a bit tiresome.
Microsoft had their customer base. Those are the people who keep Microsoft in the money.And by extension you would/will not help a windows user? Perhaps you are confusing Micrsoft and your negative feeling about them with folks who use their OS and/or applications?
Let them have their reward for the money they pay. The good and the bad.
I've not given them a nickel in software for the last eight years. More people like me and Microsoft would have to compete rather than bully - if they want business.
If I bought Microsoft software, I'd feel guilty for helping such bad people.
I'd feel guilty if I helped you get your Microsoft running nice and smooth. Why should I do anything at all to help bad guys look good?
You are judging me and I'm not a criminal or a bad guy. Not that I'm bothered, I'm not.
How much harder should you judge criminal ethics and behavior?
I can tell you're not bothered...that's why you keep the thread going.Bruce B wrote: I'd feel guilty if I helped you get your Microsoft running nice and smooth. Why should I do anything at all to help bad guys look good?
You are judging me and I'm not a criminal or a bad guy. Not that I'm bothered, I'm not.
How much harder should you judge criminal ethics and behavior?
I never said you were a criminal or a bad guy...I might be tempted to use words like petty.
I think you did a marvelous job of avoiding most of the issues about user needs, user choice, etc. You aren't in any way paid to do customer support, are you? I know with your attitude if you worked for me, you'd be out the door....because the customers who need help simply wouldn't put up with you.
I'm glad that not all Linux and/or Windows devotees are as biased as you seem to be....
Linux folks are a whole diff breed from the win & even ~ real world.
http://linux.oneandoneis2.org/LNW.htm
http://linux.oneandoneis2.org/LNW.htm
In the linux crowd, you will certainly have folks who absolutely hate anything to do with win & they freely speak their minds here.Problem #3: Culture shock
Subproblem #3a: There is a culture
Windows users are more or less in a customer-supplier relationship: They pay for software, for warranties, for support, and so on. They expect software to have a certain level of usability. They are therefore used to having rights with their software: They have paid for technical support and have every right to demand that they receive it. They are also used to dealing with entities rather than people: Their contracts are with a company, not with a person.
Linux users are in more of a community. They don't have to buy the software, they don't have to pay for technical support. They download software for free & use Instant Messaging and web-based forums to get help. They deal with people, not corporations.
You use it because it's the appropraite tool for the job I would think. I wouldn't think you'd you it to erect framing for a house...unless you were absooutely certain that the Framing Company was evil, or that the only real, true and blessed hammer company was that that makes the ball peen version. Heck you might even create a nick name of Framez for the bad hammers.Sage wrote:Over here, we use a ball-pein hammer to peen over a metal edge. Allegorical, I presume.