compromised site

Posted by pinniger on Server Fault See other posts from Server Fault or by pinniger
Published on 2010-06-14T12:19:50Z Indexed on 2010/06/14 14:53 UTC
Read the original article Hit count: 184

Filed under:
|

So, I have a web site that has been compromised twice in two weeks. every index.php and .js file gets a script injecting into the source code of the file. The problem is that I have no idea how they're doing it. I've seen this done via sql injection before, but I don't know how they are actually writing to the file. I've dug through the Apache logs but didn't find anything interesting. The site is built using the cakephp framework on a godaddy shared server.

Anybody know what secturity settings or log files to check to see how they are doing this?

© Server Fault or respective owner

compromised site

Posted by pinniger on Stack Overflow See other posts from Stack Overflow or by pinniger
Published on 2010-06-14T12:19:50Z Indexed on 2010/06/14 12:22 UTC
Read the original article Hit count: 184

Filed under:
|

So, I have a web site that has been compromised twice in two weeks. every index.php and .js file gets a script injecting into the source code of the file. The problem is that I have no idea how they're doing it. I've seen this done via sql injection before, but I don't know how they are actually writing to the file. I've dug through the Apache logs but didn't find anything interesting. The site is built using the cakephp framework on a godaddy shared server.

Anybody know what secturity settings or log files to check to see how they are doing this?

© Stack Overflow or respective owner

Related posts about security

Related posts about cakephp