Malware Related > Compromised Servers

Very Frustrated...Websites Compromised

<< < (3/6) > >>


--- Code: ---$contact_name = $_POST['name'];
$contact_email = $_POST['email'];
$contact_subject = $_POST['subject'];
$contact_message = $_POST['message'];

if( $contact_name == true )

--- End code ---


--- Code: ---$contact_name = $_POST['name']; $contact_name=stripslashes(htmlspecialchars($contact_name, ENT_QUOTES));
$contact_email = $_POST['email']; if(strpos($contact_email, "@")==false){die('E-mail invalid');}
$contact_email = stripslashes(htmlspecialchars($contact_email, ENT_QUOTES));
$contact_subject = $_POST['subject']; $contact_subject=stripslashes(htmlspecialchars($contact_subject, ENT_QUOTES));
$contact_message = $_POST['message']; $contact_message=stripslashes(htmlspecialchars($contact_message, ENT_QUOTES));

if(isset($_POST['email']) && isset($_POST['message']))
--- End code ---

I also wrote a spambot filter that you may want to consider adding to your forms;

There's a vanilla PHP mod at;


I cannot express how much I appreciate this.

Should I change it and upload AFTER the new passwords are in place?

I was thinking, I could delete the entire website and upload my backups after I do a double check of my computer.  I know none of web pages on my computer are effected.  Still, the virus could be on my computer.  I will get it checked using ALL the methods you mentioned above.



If you've got a backup, even better. This will save you having to identify shells and manually remove malicious code. However, this should only be done AFTER;

1. FTP passwords are changed
2. Your machine is confirmed as clean (unless of course, you do this from a secondary machine known to be clean)
3. ALL files currently on your sites FTP server are deleted

Again, I must stress, if this is done before the passwords are changed and before the machine is confirmed as clean, there is nothing preventing this happening again.


I checked my website's server and I do not see any files I do not recognize.  Every file that is on the server, that is on my computer is clean. 

I will follow your instructions to the letter.

Thank you,



[0] Message Index

[#] Next page

[*] Previous page

Go to full version