next »

[ptcpay]

There are three different aurora security holes that allow full access not only to your script, but to your whole server. Hackers can simply query your script for full database access, and a simple htaccess trick combined with an admin vulnerability will give them root access.

Currently I am a bit busy patching up some friend's sites. Once this is done I will post a patch for everyone else. I've left a few tips below.

1. If you're on a shared host you have a higher chance of getting hacked. It's much easier to get root access.

2. Make sure you have the following settings on your server, otherwise it's much easier:
Safe_mode= on
safe_mode_gid = Off
open_basedir = directory[:...]
safe_mode_exec_dir = directory[:...]
expose_php = Off
register_globals = Off
display_errors = Off
log_errors = On
error_log = filename

If you own your own VPS or dedicated, set this through PHP settings and not .htaccess. If you're on a shared host, .htaccess is your only chance.

3. Protect all your important directories with a password. Block all IP addresses from your MySQL and cPanel except yours.


Doing the above should keep you somewhat protected as long as you're running the latest patched PHP 5 version.

[Addons]

Thanks to let us an attention of that....

But we r here lots of, who have less knowledge about that, we need a proper solution from JT or other expert like u..

thanks again a lot for this sort of post. i personally love more security & unbreakable everything.... 

[Legit Sites]

Just got hit and so did another site on my sever. Will be having rylee look into it

[ptcpay]

it's not rylee's fault, he provides settings that are fine, mostly. The extra settings above are not because of him but because the script is not at all secure.

[Legit Sites]

My post was nothing agaisnt rylee all I meant was I will link him to hear and get him to check it out and make sure it won't affect his severs + get him to fix the settings on mine

[ptcpay]

I know, just clarifying . I'm working on this as I want to help all the site owners. If anyone who got hacked can send me their apache server logs I can do more.

[Legit Sites]

I don't know how to get them but you can surely have mine if they will help out and you tell me how to find them

[ptcpay]

http://www.cyberciti.biz/faq/apache-logs/

Follow that . Rylee is the only one who can get it probably.

[Addons]

http://www.cyberciti.biz/faq/apache-logs/

Follow that . Rylee is the only one who can get it probably.

understand nothing... out of my range 

[Legit Sites]

lol same

[ptcpay]

It's fine, I'll get one .

[clickinator]

what do you exspect for $20 and anyways hacker trap can protect you from this   
Any one trys changing anything blocks the there ip instantly

[ptcpay]

what do you exspect for $20 and anyways hacker trap can protect you from this   

No it can't . Hacker trap checks the URL construction of a query, but I can just send the query through the IP of the site instead of the domain and it's completely bypassed. 

[clickinator]

Okay when my site launches u can try mine to see how good GREENSQL is because its protects from most sql injection commands

would sanitizing all forms help?

Is this attack by the forms ?

[ptcpay]

Sanitizing forms only works when you don't have security holes. If you have a hole, the only way to fix it is to patch it.