News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Greg Freeman:
How to Tell if Your PHP Site has been Hacked or Compromised
March 05, 2013 @ 12:54:14

In this recent post to his site Greg Freeman share some things to check for when you think your PHP site (any kind, even something like WordPress) might have been compromised.

A friend of mine recently had their site compromised, they were running an older version of IP.Board that is vulnerable to a local file inclusion vulnerability. This post won't be about IP.Board or any specific php code, it will show you how to locate potential malicious php code hosted on your servers and how to fix it. Finally I will give a brief explanation on what attacker's are uploading to compromised sites.

Among the things he recommends are tips like:

  • Check your Access Logs
  • Finding Recently Modified PHP Files
  • Finding obfuscated code
  • Always search your writable upload directories for executable code
  • Check .htaccess Files if you use Apache

You can find the descriptions for each of these (and some others to watch out for) in the full post.

0 comments voice your opinion now!
hack compromise checklist malicious code


blog comments powered by Disqus

Similar Posts

Greg Freeman: How to Tell if Your PHP Site has been Hacked or Compromised

Ars Technica: Questions abound as malicious phpMyAdmin backdoor found on SourceForge site

NetTuts.com: When You're Hacked in WordPress: Staying Safe Later On

Patrick Allaert's Blog: Coding standards: converts PHP4 style constructors to PHP5 one

Smashing Magazine: Starting An Open-Source Project


Community Events

Don't see your event here?
Let us know!


install podcast community api interview xdebug extension series language laravel5 unittest laravel example opinion voicesoftheelephpant library release framework introduction php7

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework