GoDaddy notification

Moderators: cicans, TheHacker

Rcoma01
Joomla! Enthusiast
Posts: 139
Joined: Tue Feb 06, 2007 4:43 pm
Location: Zemun

GoDaddy notification

Post by Rcoma01 » Sat Nov 17, 2007 9:54 pm

This arrived in my e-mail:

Code:

Dear Sir/Madam,

It has come to our attention that you are running a vulnerable version of Mambo on your shared hosting account for autodijagnostika.eu. This vulnerability was exploited to upload malicious content to your hosting account. The malicious files have been removed and the vulnerable script has been disabled. Additionally a PHP.ini file has been added to prevent similar attacks. However, you will need to ensure that you either update or patch your Mambo software as soon as possible.

Please let us know if we can be of any further assistance.

Sincerely,
Advanced Hosting Support

And this is what they added to php.ini:

Code:

register_globals = off
allow_url_fopen = off
magic_quotes_gpc = on
register_globals= offrg_emulation=off
rg_emulation=off
upload_max_filesize = 10M

It looks like they changed some permissions on the server, because the whole site works but I can't do anything in the backend. Luckily I have a complete backup of the files, because I'm moving the whole site to shared hosting.
Can anyone tell me whether this was a serious attack, and whether it was an attack at all?

Leftfield
Joomla! Virtuoso
Posts: 4432
Joined: Fri Dec 08, 2006 3:33 am

Re: GoDaddy notification

Post by Leftfield » Sat Nov 17, 2007 10:00 pm

Nope. They're just letting you know that the version of Joomla you're running isn't updated or secured.
They're asking you to update it and/or secure it with a php.ini file, and so on.
Joomla Templates and Plugins /https://youjoomla.com/

Rcoma01
Joomla! Enthusiast
Posts: 139
Joined: Tue Feb 06, 2007 4:43 pm
Location: Zemun

Re: GoDaddy notification

Post by Rcoma01 » Sat Nov 17, 2007 10:05 pm

OK, thanks. I'm using the latest version of Joomla; php.ini probably wasn't configured properly.
One question about php.ini:
On the host I have several folders, each with a different Joomla, so:
folder 1
folder 2
folder 3
If I put php.ini in folder 1, will it apply only to folder 1 and all subfolders inside folder 1?
If I put it in the root, it will apply to all folders. Am I right or not?

Leftfield
Joomla! Virtuoso
Posts: 4432
Joined: Fri Dec 08, 2006 3:33 am

Re: GoDaddy notification

Post by Leftfield » Sat Nov 17, 2007 11:10 pm

No. Basically, if you are creating the php.ini file yourself, you have to put it in absolutely every folder. Every single one.
Joomla Templates and Plugins /https://youjoomla.com/

beljic
Joomla! Apprentice
Posts: 23
Joined: Tue Jul 31, 2007 9:17 am
Location: Belgrade

Re: GoDaddy notification

Post by beljic » Sun Nov 18, 2007 6:02 pm

The php.ini was completely at odds with the security recommendations.

register_globals = off - see http://www.php.net/manual/en/security.globals.php regarding the use of global variables

allow_url_fopen = off - allows opening files via a URL (e.g. script.php?page=http://www.example.com/evilscript.php), which can be very dangerous

magic_quotes_gpc = on - a basic protection measure against SQL injection attacks - adds quotes around all input data
register_globals= offrg_emulation=off
rg_emulation=off  - I'm not sure what this is
upload_max_filesize = 10M - your maximum file size was probably too large - also a security risk

Rcoma01
Joomla! Enthusiast
Posts: 139
Joined: Tue Feb 06, 2007 4:43 pm
Location: Zemun

Re: GoDaddy notification

Post by Rcoma01 » Sun Nov 18, 2007 6:48 pm

They modified that php.ini; I only had this:
register_globals = off
upload_max_filesize = 10M
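
Added example, not part of any post in this thread: a per-folder php.ini audit for the layout discussed above, taking the thread's statement that each folder needs its own php.ini as an assumption. It checks each folder against the three values the host set and flags run-together lines such as `register_globals= offrg_emulation=off`; all function names and the sample tree are illustrative.

```python
import os, pathlib, re, tempfile
# Baseline = the values the host's php.ini in this thread sets (not a general standard).
EXPECTED = {"register_globals": "off", "allow_url_fopen": "off", "magic_quotes_gpc": "on"}
# A directive is "name = value"; an unquoted value may not contain another '='.
DIRECTIVE = re.compile(r'^([\w.]+)\s*=\s*(".*"|[^="]*)$')
HOST_INI = ("register_globals = off\nallow_url_fopen = off\nmagic_quotes_gpc = on\n"
            "register_globals= offrg_emulation=off\nrg_emulation=off\n"
            "upload_max_filesize = 10M\n")  # the host's file, as quoted in the thread
USER_INI = "register_globals = off\nupload_max_filesize = 10M\n"  # the owner's original

def parse_ini(text):
    """Return (settings, malformed_lines) for the body of a php.ini file."""
    settings, malformed = {}, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ';' comments (simplified)
        if not line or line.startswith("["):
            continue
        m = DIRECTIVE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2).strip('"').lower()
        else:  # e.g. two directives run together on one line
            malformed.append(line)
    return settings, malformed

def audit_folder(path):
    """Findings for one site folder: missing file, malformed lines, off-baseline values."""
    ini = pathlib.Path(path, "php.ini")
    if not ini.is_file():
        return ["no php.ini in this folder"]
    settings, malformed = parse_ini(ini.read_text(encoding="utf-8", errors="replace"))
    findings = ["malformed line: " + bad for bad in malformed]
    for key, want in EXPECTED.items():
        if settings.get(key) != want:
            findings.append(f"{key} is {settings.get(key, 'not set')}, expected {want}")
    return findings

def audit_sites(root):
    dirs = [d for d in sorted(os.listdir(root)) if os.path.isdir(os.path.join(root, d))]
    return {d: audit_folder(os.path.join(root, d)) for d in dirs}

def build_sample(root):
    """Constructed sample tree named after the folders in the question above."""
    for name, body in (("folder 1", HOST_INI), ("folder 2", USER_INI), ("folder 3", None)):
        os.makedirs(os.path.join(root, name))
        if body is not None:
            pathlib.Path(root, name, "php.ini").write_text(body, encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit_sites(tmp))
```

On a real account, call `audit_sites()` on the directory that holds the site folders instead of the constructed sample tree.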

