Very Frustrated...Websites Compromised

MysteryFCM:
Change;


--- Code: ---
$contact_name = $_POST['name'];
$contact_email = $_POST['email'];
$contact_subject = $_POST['subject'];
$contact_message = $_POST['message'];

if( $contact_name == true )

--- End code ---

To;


--- Code: ---
// Escape HTML special characters (both quote styles) and strip backslashes from each field
$contact_name = $_POST['name']; $contact_name=stripslashes(htmlspecialchars($contact_name, ENT_QUOTES));
// Reject an address that has no "@" or that starts with one (strpos returns false or 0)
$contact_email = $_POST['email']; if(strpos($contact_email, "@")==false){die('E-mail invalid');}
$contact_email = stripslashes(htmlspecialchars($contact_email, ENT_QUOTES));
$contact_subject = $_POST['subject']; $contact_subject=stripslashes(htmlspecialchars($contact_subject, ENT_QUOTES));
$contact_message = $_POST['message']; $contact_message=stripslashes(htmlspecialchars($contact_message, ENT_QUOTES));

// Only continue when both the e-mail and message fields were submitted
if(isset($_POST['email']) && isset($_POST['message']))
--- End code ---

MysteryFCM:
I also wrote a spambot filter that you may want to consider adding to your forms;

http://support.it-mate.co.uk/?mode=Products&p=spambotsearchtool

There's a vanilla PHP mod at;

http://forum.hosts-file.net/viewtopic.php?f=69&t=1597

#41baby:
Hello,

I cannot express how much I appreciate this.

Should I change it and upload AFTER the new passwords are in place?

I was thinking, I could delete the entire website and upload my backups after I do a double check of my computer. I know none of the web pages on my computer are affected. Still, the virus could be on my computer. I will get it checked using ALL the methods you mentioned above.

Thanks,

DN

MysteryFCM:
If you've got a backup, even better. This will save you having to identify shells and manually remove malicious code. However, this should only be done AFTER;

1. FTP passwords are changed
2. Your machine is confirmed as clean (unless of course, you do this from a secondary machine known to be clean)
3. ALL files currently on your site's FTP server are deleted

Again, I must stress, if this is done before the passwords are changed and before the machine is confirmed as clean, there is nothing preventing this happening again.

#41baby:
Hello,

I checked my website's server and I do not see any files I do not recognize. Every file that is on the server, that is on my computer is clean.

I will follow your instructions to the letter.

Thank you,

Derek
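
A way to check the server's contents against the backup rather than by eye, as an added example that is not part of the original thread: it assumes the server's files have been downloaded into a local folder and compares them by SHA-256 with the known-good backup. The function names and the sample files are made up for illustration.

```python
import hashlib
import os
import tempfile

def hash_tree(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def compare_to_backup(backup_dir, server_copy_dir):
    """Compare a downloaded copy of the server with the known-good backup."""
    good, live = hash_tree(backup_dir), hash_tree(server_copy_dir)
    return {
        "unknown": sorted(set(live) - set(good)),   # on the server only
        "modified": sorted(p for p in live if p in good and live[p] != good[p]),
        "missing": sorted(set(good) - set(live)),   # in the backup only
    }

def demo():
    """Build two constructed sample trees and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = os.path.join(tmp, "backup")
        server = os.path.join(tmp, "server")
        samples = {  # constructed file names and contents
            backup: {"index.php": "<?php echo 'home';",
                     "contact.php": "<?php // form",
                     "css/site.css": "body{}"},
            server: {"index.php": "<?php echo 'home';",
                     "contact.php": "<?php // form\n// appended line",
                     "images/x.php": "<?php // not in backup"},
        }
        for root, files in samples.items():
            for rel, text in files.items():
                path = os.path.join(root, rel)
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "w") as fh:
                    fh.write(text)
        return compare_to_backup(backup, server)

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Files reported as "unknown" or "modified" are the ones to inspect; the comparison is only as trustworthy as the backup it is run against.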
