shanehamelin Posted July 24, 2010 Posted July 24, 2010 Ok, my ISP warned me about a hack in my /images folder Im going thru the steps here for securing my site better and Im in the isp cpanel file manager and looking in my /images folder.. So I can delete anything "Fishy" I see a few files that raise my eyebrow: video.dot soft.dot default.dot goog1e7020b36a9972a3.php .nsh.php index.php style.css sitemap.html errorlog .cch load.swf and then all my .jpg and.gifs - should I only have images? Before I remove these files I want to ask, should I? I do have the images folder locked down in permissions, so no images on site atm but want to remove files first! Thanks so much! Shane
Guest Posted July 24, 2010 Posted July 24, 2010 Shane, Yes, pretty much anything that is not .jpg .gif .png .swf etc should not be there. There are a couple of contributions that used to put javascript files in the /images directory but that practice was discontinued long ago. Chris
Jan Zonjee Posted July 24, 2010 Posted July 24, 2010 I do have the images folder locked down in permissions, so no images on site atm but want to remove files first! Also add a .htaccess file to the images folder that will prevent these php scripts to run from there. The text that goes in there can be found here.
shanehamelin Posted July 24, 2010 Author Posted July 24, 2010 Hey Jan, Yes the "Code" that goes into the .htaccess file but how do I make one and do I just paste it in the images folder? Thanks Shane Also add a .htaccess file to the images folder that will prevent these php scripts to run from there. The text that goes in there can be found here.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.