|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
|
|||||||
| New Webmasters ask "How-To" questions here. This is where other fucking Webmasters help. |
|
|
Thread Tools |
04-03-2012, 01:15 PM
|
#1 |
|
Registered User
Industry Role:
Join Date: Jan 2012
Posts: 4
|
Am I being hacked? Code question
I have no web training, but really enjoy being thrown into it unexpectedly, and have been on the lookout for hackers. The old webmaster used a "backdoor" into the site, and deleted some pages, so I try to keep an eye on the access log to see who has been looking at what.
I came across a bunch of these types of codes: "GET /phpMyAdmin-2/index.php HTTP/1.1" "GET /phpMyAdmin/index.php HTTP/1.1" "GET /mysqladmin/index.php HTTP/1.1" "GET /db/index.php HTTP/1.1" It's a strange IP also, in another country, I have blocked it to be safe, but I wasn't sure if this was a way into the site? I don't want to go on a blocking rampage, but I don't normally see anyone trying to access anything php related, any insight is helpful. Thanks, Trix |
|
|
|
04-03-2012, 01:50 PM
|
#2 |
|
Confirmed User
Industry Role:
Join Date: May 2005
Location: UK
Posts: 1,201
|
They are phishing to see if you have admin/maintainance software on the site. You'll probably see a load of other types from that same IP as they run through known software that might be left on the site. Check of course that software isnt sitting on your site
|
|
|
|
|
04-03-2012, 07:41 PM
|
#3 |
|
Registered User
Industry Role:
Join Date: Jan 2012
Posts: 4
|
it's an old site, with many hands that have been in it, I wouldn't know where to look, but that answer definitely helped to steer me in the right direction.
many thanks! Trix |
|
|
|
|
04-04-2012, 02:31 PM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: Oct 2011
Posts: 474
|
Backup ASAP, and upgrade your software (if possible).
__________________
|
|
|
|
|
04-04-2012, 06:48 PM
|
#5 |
|
Registered User
Industry Role:
Join Date: Jan 2012
Posts: 4
|
there is software involved? I access the site through c-panel, and have no knowledge of any upgrades that could be made. When the hack occurred (and the lawyers have ok'd me to talk about it), he was caught red-handed logging in with his own username, and two pages I was updating disappeared when he accessed them (I was accused of deleting them, by the hosting company, but I didn't). We are moving to a new server, but I still have years and years of files sitting around, not sure where to look for anything.
|
|
|
|
|
04-11-2012, 01:07 PM
|
#6 | |
|
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Miami Beach, FL
Posts: 203
|
Quote:
if code is 2xx page was found depending how old it is you may have been hacked, phpmyadmin is one of the mose insecure pieces of software out there, you should not have it unprotected, delete all the phpmyadmin installs , install a private secure by ip/login one save your self some headaches
__________________
Need help dealing with a hacked website? Contact me via icq 163583431 :D Premium Bandwidth Managed Servers, 12 Years in business xxxHOSTit.com I work for xxxhostit.com 
|
|
|
|
|
