Announcement

Collapse
No announcement yet.

Two actinic sites exploited??

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Two actinic sites exploited??

    Hi,

    We have two actinic sites on our server, and both were exploited today.

    We had some backdoor php scripts uploaded to a DD directory on both sites.

    Is this a known problem?

    Any advice to plug this to prevent it happening again.

    Many thanks.

    Ian
    Tags: None
    #2
    At the time that these files were written a dummy order was submitted to the store - no credit card info was submitted to worldpay, so they bombed out at that stage.

    Comment

      #3
      Any exploits using PHP as a doorway into your folders is not an Actinic issue, but an update issue for the server software I am afraid.

      PHP has been known in the past to have some amazing vulnerabilities in it, but patches come out regularly to cover them once discovered, so keeping your server up to date is the way ahead for this one I am afraid and not so much Actinic providing a door way into the server folders for all to do as they wish (assuming you are not allowing 777 permissions on your folders and running other stuff which can write files under PHP in there are you)??

      So, an update of your servers security patches is probably the way.

      Comment

      Previous template Next
      Working...
      X