Website Keeps getting Hacked , Help!

[james_k1988]

Hey there,

Me and a friend run a MG Clan (were called {TDK} ). We Have a server box, and a website both of which are run by Alphafrag. All has been well up until today.

We went onto the site to find it had been hacked, there was pictures all over it of something stupid. There was an alias as well but i cant recall what it was. I dont know to mucha bout websites, but i can say that the site is on PhpNuke. It WAS here www.todiekilling.co.uk , an whoever it was, they wiped all the stuff on it.

Does anyone know how to make sure that doesnt happen?( fix mybye) Or how it happens in the first place? cause we dont wanna put up anotehr site for it to be hacked again

Cheers

 

[RealBlackStuff]

The password to get into that site must have been rather easy to crack/hack.
Just notify the hosting company, then change the password to something really complicated, using numbers, special characters if allowed, and small and CAPITAL letters in a sequence of at least 12-16 characters, something like Wt4Q}2zHp3V$_8qM
Some hosting companies offer encrypted password.
Once changed, upload your stuff again.

 

[james_k1988]

Righto m8, ive passed on the info the guy who handles our website. Like me hes just learning lol

Thanx for the help

 

[Spike]

the site is on PhpNuke

I don't know whether it's deserved or not, but in some quaters, phpNuke has a bit of a bad reputation for security... http://www.google.co.uk/search?hl=en&q=phpnuke+security&meta=

Quite possibly, the Siteground.com result may provide the true reason for this...

Because PHP-Nuke is so popular, it is a frequently attacked target of those, looking for security flaws. Also, since it contains a port of phpBB2, it also has to deal with the security issues of that piece of software as well.

It is important to note that many of the security risks involved may be blocked by following a few key guides:

Never use the default table prefix, change it to something unique and do not publish it,
Disable PHP's register_globals setting,
Disable the ability to display_errors.
Do not use versions that include the TinyMCE WYSIWYG Editor. Many security features had to be removed from PHP-Nuke in order for this editor to work.
In a production environment, the above will keep critical information from leaking. Since many SQL injection attacks make use of default table names, changing the prefix is a good idea - one not much discussed.

NB: These recommendations are not applicable only for PHP-Nuke. Executing them for any PHP based content management system is suggested.

However, while changing the default table prefix is all fine and dandy, it might be a bad idea to turn off the error display if you aren't php experienced, due to the fact that if it goes wrong, you may need to copy and paste the error somewhere to get it fixed.

I would say though that RBS is likely to know more about this stuff than I do, as he works with CMS all the time, where I personally am only just looking into it (again!) for a site I've been asked to create.

 

[Nodsu]

http://search.securityfocus.com/sws...h!&metaname=swishtitle&sort=swishlastmodified

Have fun reading these and never get any good night sleep

If you have a server exposed to the internet, keeping track of security issues and fixing them is one of your biggest concerns. Never think that you can just install something and leave it running for years. Your operating system hopefully has a mailing list or something similar where security issues get reported. Subscribe to it.