Anybody else's site get hacked?


#1

All of my hosted sites (on alameda) got hacked today. Check it out at www.mcintoshwoodworking.com


#2

That’s pretty bad. Any clue as to how? Do you have an easily guessed password? Has dreamhost responded with anything?


#3

your site looks fine?

any other details you can provide us with?


#4

Hey, it’s fine now. He must have restored it from backup, or something. To be fair to the OP, I just looked at it about an hour ago and it looked like a bunch of Arabic with some hotmail addresses on it.


#5

Was it all your OSCommerce sites that got hacked? Or was it db or general shell access they got?

I lost a phpBB site to hackers, but they exploited a problem with phpBB, not a general dreamhost hack.

It’s a concern that these PHP apps keep getting taken out…


#6

I have three different sites hosted on this plan. All of the sites had all content removed and replaced with the hack index file. Dreamhost claims it was done through oscommerce, but I’m not convinced. The password is not an easy one to guess, random letters, numbers, and symbols. Dreamhost did get it restored from backup.


#7

They don’t need the password to do it through OSCommerce. I’ve seen sites hacked through phpBB and they didn’t even USE the admin password.

The majority of the hacks I’ve seen on PHP applications require the use of register_globals. You have them on? I’d suggest turning them off. Old code, like OSCommerce, is prone to new exploits found in things like addslashes(), register_globals and magic_quotes.
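
An added example, not part of the thread: a Python check for the register_globals setting mentioned in post #7, run over the text of php.ini and .htaccess files as found on a shared-hosting account. The file paths and contents are constructed samples and the function names are hypothetical.

```python
import re

# Values PHP treats as "enabled" for a boolean directive.
TRUE_VALUES = {"1", "on", "true", "yes"}

def parse_php_ini(text):
    """Return {directive: value} from php.ini text; a later line overrides an earlier one."""
    settings = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # ';' starts a comment in php.ini
        if "=" not in line:
            continue                           # blank line or [section] header
        key, value = line.split("=", 1)
        settings[key.strip().lower()] = value.strip().strip('"').lower()
    return settings

def parse_htaccess(text):
    """Return {directive: value} set through mod_php's php_flag / php_value lines."""
    settings = {}
    for line in text.splitlines():
        # Lines starting with '#' are comments and never match.
        m = re.match(r"\s*php_(?:flag|value)\s+(\S+)\s+(\S+)", line, re.I)
        if m:
            settings[m.group(1).lower()] = m.group(2).strip('"').lower()
    return settings

def register_globals_findings(files):
    """files: {path: text}. Return the sorted paths that switch register_globals on."""
    hits = []
    for path, text in files.items():
        parser = parse_htaccess if path.endswith(".htaccess") else parse_php_ini
        if parser(text).get("register_globals") in TRUE_VALUES:
            hits.append(path)
    return sorted(hits)

# Constructed sample files (hypothetical paths and contents).
SAMPLE_FILES = {
    "shop/php.ini": "; register_globals = Off\nregister_globals = On\n",
    "blog/php.ini": "register_globals = On\n[PHP]\nregister_globals = Off ; hardened\n",
    "forum/.htaccess": "# php_flag register_globals on\nphp_flag register_globals off\n",
    "store/.htaccess": "php_flag register_globals On\n",
}

if __name__ == "__main__":
    for path in register_globals_findings(SAMPLE_FILES):
        print("register_globals enabled in", path)
```
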


#8

Get rid of OS Commerce when you can. Development for it is basically dead. You’ll be lucky to get security patches for it when (not if) more exploits are found.