From: Eric Baird on
All my domains got hacked at the end of February.

It was quite an elegant ".htaccess" redirect hack. Someone managed to
break in and put conditional .htaccess redirection files onto every
server directory that belonged to a domain root -- If you browsed a
site directly or scanned it with a malware sitechecker, you got a
clean bill of health ... but depending on how you arrived at the site,
a redirect could kick in that sent you off to somewhere nasty.

Anyway, it's all good now, offending files deleted, passwords changed.
Looking at my sorely-dented traffic statistics, it probably took me
a-week-and-a-bit to realise that I'd been hacked, and a day to fix
things. I think I'll be checking site statistics on a daily basis for
a while.

Google-logged referred visitor traffic has still only recovered to
about two-thirds of what it was before the attack, so I don't know if
people removed their links, or if the domains are on a security
blacklist somewhere.

Luckily, I knew what an .htaccess file //was//, so when I viewed the
FTP'ed directories to see what the hell was going on and viewed the
files in date order, and there was an .htaccess file sitting at the
top of the list as "most recent", it became pretty obvious what had
happened (since I don't particularly like the things and don't use
them).

I'm assuming that this wasn't targeted, but for anyone else here who
runs a site ... be aware that this stuff is going on.

=Erk= (Eric Baird)
www.relativitybook.com
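
The check described in the post above (list .htaccess files newest first and look for redirects that depend on how the visitor arrived) can be scripted. This is an added example, not part of the original thread; the function names and the sample file are constructed for illustration, and example.invalid is a placeholder target.

```python
import os
import re
import time

# Conditions keyed on how the visitor arrived (referrer) or on the client used.
COND = re.compile(r'^\s*RewriteCond\s+%\{HTTP_(REFERER|USER_AGENT)\}', re.I)
# Rules whose substitution is an absolute (off-site) URL.
RULE = re.compile(r'^\s*RewriteRule\s+\S+\s+(https?://\S+)', re.I)

# Constructed sample of the kind of file described in the post.
SAMPLE = """\
RewriteEngine On
RewriteCond %{HTTP_REFERER} (google|bing|yahoo) [NC]
RewriteRule ^.*$ http://example.invalid/landing [R=302,L]
"""

def find_conditional_redirects(text):
    """Return (line_no, variable, target) for each off-site RewriteRule
    gated by a referrer or user-agent RewriteCond."""
    findings, pending = [], None
    for no, line in enumerate(text.splitlines(), 1):
        cond, rule = COND.match(line), RULE.match(line)
        if cond:
            pending = cond.group(1).upper()
        elif rule:
            if pending:
                findings.append((no, pending, rule.group(1)))
            pending = None  # a RewriteCond applies only to the next RewriteRule
    return findings

def audit_tree(root, max_age_days=30, now=None):
    """Walk root and return every .htaccess file, newest first, with its
    findings and whether it changed within max_age_days."""
    now = time.time() if now is None else now
    report = []
    for dirpath, _dirs, files in os.walk(root):
        if '.htaccess' in files:
            path = os.path.join(dirpath, '.htaccess')
            mtime = os.path.getmtime(path)
            with open(path, errors='replace') as fh:
                hits = find_conditional_redirects(fh.read())
            report.append({'path': path, 'mtime': mtime, 'hits': hits,
                           'recent': now - mtime <= max_age_days * 86400})
    return sorted(report, key=lambda r: r['mtime'], reverse=True)

if __name__ == '__main__':
    import sys
    for r in audit_tree(sys.argv[1] if len(sys.argv) > 1 else '.'):
        flag = 'SUSPECT' if r['hits'] else ('recent' if r['recent'] else 'ok')
        print(time.strftime('%Y-%m-%d', time.localtime(r['mtime'])), flag, r['path'])
```

Run it against a local mirror of the web root; a file's modification time can be reset by whoever wrote it, so a clean date does not clear a file that has hits.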
From: mluttgens on
On 7 Apr, 02:35, Eric Baird <-...@-.-> wrote:
> All my domains got hacked at the end of February.
>
> It was quite an elegant ".htaccess" redirect hack. Someone managed to
> break in and put conditional .htaccess redirection files onto every
> server directory that belonged to a domain root -- If you browsed a
> site directly or scanned it with a malware sitechecker, you got a
> clean bill of health ... but depending on how you arrived at the site,
> a redirect could kick in that sent you off to somewhere nasty.
>
> Anyway, it's all good now, offending files deleted, passwords changed.
> Looking at my sorely-dented traffic statistics, it probably took me
> a-week-and-a-bit to realise that I'd been hacked, and a day to fix
> things. I think I'll be checking site statistics on a daily basis for
> a while.
>
> Google-logged referred visitor traffic has still only recovered to
> about two-thirds of what it was before the attack, so I don't know if
> people removed their links, or if the domains are on a security
> blacklist somewhere.  
>
> Luckily, I knew what an .htaccess file //was//, so when I viewed the
> FTP'ed directories to see what the hell was going on and viewed the
> files in date order, and there was an .htaccess file sitting at the
> top of the list as "most recent", it became pretty obvious what had
> happened (since I don't particularly like the things and don't use
> them).
>
> I'm assuming that this wasn't targeted, but for anyone else here who
> runs a site ... be aware that this stuff is going on.
>
> =Erk= (Eric Baird)
> www.relativitybook.com

Interesting stuff:

http://blog.javacoolsoftware.com/2008/12/anti-virus-2009-search-engine-redirect-hacks/

Marcel Luttgens