ismq Posted May 17, 2007 Share Posted May 17, 2007 Hi, My site was attack the weekend and I and my hosting company got an email from a Bank in Italy. The attacker put code into the /images dir. The image dir requires wide open permissions to work allowing someone to dump code in to the site. 1) Any solutions to block this access to the /images dir? Also they were able to change the protections on the files placed in my site so that I could not delete them with FTP. How did they do that and how can I protect against it in the future? Thank in advance for the advice Link to comment Share on other sites More sharing options...
Darky10 Posted May 17, 2007 Share Posted May 17, 2007 Hi, My site was attack the weekend and I and my hosting company got an email from a Bank in Italy. The attacker put code into the /images dir. The image dir requires wide open permissions to work allowing someone to dump code in to the site. 1) Any solutions to block this access to the /images dir? Also they were able to change the protections on the files placed in my site so that I could not delete them with FTP. How did they do that and how can I protect against it in the future? Thank in advance for the advice Normally you cannot delete folders because they have ht access or similar. If you can use linux command line you can create a script to kill the whole file. You can still delete some files then delete the ht access etc from your web hosting panel. Dont know about the images bit. I cannot access my images folder, but they show up, is that not a permissions thing? ask your host if they could suggest settings. Link to comment Share on other sites More sharing options...
radders Posted May 17, 2007 Share Posted May 17, 2007 osC only requires those permissions on the images file when you are uploading an image. At all other times it need not be writeable. Probably you have to change the permissions on the file before you can delete it. If your host has CPanel then such things are easier to do rather than using ftp. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.