Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: phranque
Since my file has never been hacked - as far as I now -- I'm wondering who could have inserted this huge directory into my site and How can I prevent this happening again.
Any idea would been really appreciated
now you know ;)
The most common attacks are via some buggy script on your site or via the server your site is hosted on (if it's a shared server). Quite a few hosting companys run unsecure php-configurations that allow local attackers to put files and, thus, code into your directory.
To prevent: check where it came from. was it a buggy script on your site? was it a local attack on the server? If you're on a dedicated server, chances are the whole system is taken over, in that case: backup your stuff and have someone reinstall the server from crash. then, carefully add your stuff again, checking that you don't just put "infected" code back up.
You can always get yourself a programmer to analyze the problem and audit your scripts. And you might want to look into switching hosts if it turns out to be a security problem at your provider...
thanks for your answer
It is my server hosted at [snip]
it seems the directory was installed yesterday inside another directory, so may be it is someone that knows the site more than a server problem, may be someone that worked on it.
it was installed inside a directory
[edited by: phranque at 6:52 am (utc) on Mar. 13, 2009]
[edit reason] hosting specifics [/edit]
what do you mean "someone who worked on it"? do other people work on the site besides yourself? have you checked with all of them, maybe someone transfered the wrong directory. do you trust all of them?
Change your login password as well as your database password immediately, you may need to update the config file with the new information afterwards.
The hardest part will be finding the weakness, update everything the site uses to the latest version for starters.