I have a website that keeps on getting hacked... - GoFuckYourself.com

FreeHugeMovies · 05-25-2016, 01:58 PM

Custom made script, PHP. Host doesn't want to help.

Suggestions?

BigFurry · 05-25-2016, 02:06 PM

Step 1. Get a good PHP coder to look at the script.

Step 2. Get an actual expert to do a security audit.

If you have no money to spend, there are some tips here:
appsec - How to perform a security audit for a PHP application? - Information Security Stack Exchange

FreeHugeMovies · 05-25-2016, 02:07 PM

Host is telling me to go here.

https://sucuri.net

I don't want to pay a monthly fee for their firewall.

roxpoxy · 05-25-2016, 02:12 PM

sucuri.net is a good start.

does your script use a database? have an admin area with elevated privledges?
allow uploads of images or posting of text?

if you can, scan all files for "base64_decode(" & other common tale tale signs of compromise. "can't remember off the top of my head but a quick google search should point you in the right direction".

FreeHugeMovies · 05-25-2016, 02:13 PM

Quote:

Originally Posted by roxpoxy

sucuri.net is a good start.

does your script use a database? have an admin area with elevated privledges?
allow uploads of images or posting of text?

if you can, scan all files for "base64_decode(" & other common tale tale signs of compromise. "can't remember off the top of my head but a quick google search should point you in the right direction".

Yes, it does, but I don't update the website anymore.

I am afraid I am not that technical to do the simplest of programming.

Sly · 05-25-2016, 02:15 PM

Custom scripts often have security issues. Sometimes from laziness, sometimes because the coder simply didn't know better. Odds are your script is also on the older side, meaning no updates in years, making matters even worse.

If you care about your site, spend the money to get it patched up. Otherwise there is not much that can be done.

FreeHugeMovies · 05-25-2016, 02:17 PM

Quote:

Originally Posted by Sly

Custom scripts often have security issues. Sometimes from laziness, sometimes because the coder simply didn't know better. Odds are your script is also on the older side, meaning no updates in years, making matters even worse.

If you care about your site, spend the money to get it patched up. Otherwise there is not much that can be done.

Yes, that's what I am looking to do. The site doesn't bring in a whole lot of money, but it's getting hacked WEEKLY. LOL

BigFurry · 05-25-2016, 02:25 PM

Yeah I guess if it's possible to disable all user input (forms, uploads), and make the site "read only", that can be a solution. :p

Unless you have some bad file in your system already. :p

FreeHugeMovies · 05-25-2016, 02:34 PM

Quote:

Originally Posted by BigFurry

Yeah I guess if it's possible to disable all user input (forms, uploads), and make the site "read only", that can be a solution. :p

Unless you have some bad file in your system already. :p

So, if I remove all the malware, can I then make it read only and the website will be safe?

Klen · 05-25-2016, 02:45 PM

Quote:

Originally Posted by FreeHugeMovies

So, if I remove all the malware, can I then make it read only and the website will be safe?

If you dont plan to update site anymore, you could simply convert all content to HTML format and delete anything in PHP.

BigFurry · 05-25-2016, 02:58 PM

Quote:

Originally Posted by FreeHugeMovies

Host is telling me to go here.

https://sucuri.net

I don't want to pay a monthly fee for their firewall.

They could have meant this tool:
https://sitecheck.sucuri.net/

Quote:

Originally Posted by FreeHugeMovies

So, if I remove all the malware, can I then make it read only and the website will be safe?

Well your chances would definitely improve. As roxpoxy said, many breaches are done through Forms and Uploads.

But I guess it's also not impossible that some PHP scripts get hacked just by using simple URL parameters, if they're done really badly. It's not my expertise, just guessing really.

Quote:

Originally Posted by KlenTelaris

If you dont plan to update site anymore, you could simply convert all content to HTML format and delete anything in PHP.

That would work :-)

FreeHugeMovies · 05-26-2016, 07:14 AM

Any of you fuckers want to help and get paid for your time? =]

LMK

sandman! · 05-26-2016, 12:18 PM

Ask your host to change all the permissions they can to read only any decent managed host should have at least 1 tech with coding skills that can do this for you.

Colmike9 · 05-26-2016, 12:32 PM

Quote:

Originally Posted by sandman!

Ask your host to change all the permissions they can to read only any decent managed host should have at least 1 tech with coding skills that can do this for you.

I use Filezilla to do that, is that as good as any other way to change permissions or is there another way that I should do it to be safer?

NatalieK · 05-26-2016, 12:39 PM

Quote:

Originally Posted by Colmike7

I use Filezilla to do that, is that as good as any other way to change permissions or is there another way that I should do it to be safer?

this

FreeHugeMovies · 05-26-2016, 12:53 PM

Everything changed to read only. Let's see if I get fucked in a week or two!

TrafficRush · 05-26-2016, 01:16 PM

contact WOJ he can help! or quantox

celandina · 05-27-2016, 06:57 AM

About to launch a new site, just marking this thread in case I run into the same issues.

MrBeavis · 05-27-2016, 08:44 AM

Wordpress website?

freecartoonporn · 05-27-2016, 08:51 AM

contact woj, and get your php code updated and look for user input sanitization.

NatalieK · 05-27-2016, 09:10 AM

Quote:

Originally Posted by freecartoonporn

contact woj, and get your php code updated and look for user input sanitization.

woj is fantastic for "getting the job done" and "great service"

05-25-2016, 01:58 PM	#1
FreeHugeMovies Too lazy to set a custom title Join Date: Dec 2001 Location: Charlotte, NC Posts: 14,137	I have a website that keeps on getting hacked... Custom made script, PHP. Host doesn't want to help. Suggestions?

05-25-2016, 02:12 PM	#4
roxpoxy Confirmed User Industry Role: Join Date: Jan 2015 Posts: 93	sucuri.net is a good start. does your script use a database? have an admin area with elevated privledges? allow uploads of images or posting of text? if you can, scan all files for "base64_decode(" & other common tale tale signs of compromise. "can't remember off the top of my head but a quick google search should point you in the right direction". __________________ https://camswhore.com えろ

05-25-2016, 02:15 PM	#6
Sly Let's do some business! Industry Role: Join Date: Sep 2004 Location: Austin, TX Posts: 31,323	Custom scripts often have security issues. Sometimes from laziness, sometimes because the coder simply didn't know better. Odds are your script is also on the older side, meaning no updates in years, making matters even worse. If you care about your site, spend the money to get it patched up. Otherwise there is not much that can be done. __________________ Vacares - Web Hosting, Domains, O365, Security & More - Paxum and BTC Accepted Windows VPS now available Great for TSS, Nifty Stats, remote work, virtual assistants, etc. Click here for more details.

05-26-2016, 12:18 PM	#13
sandman! Icq: 14420613 Industry Role: Join Date: Mar 2001 Location: chicago Posts: 15,432	Ask your host to change all the permissions they can to read only any decent managed host should have at least 1 tech with coding skills that can do this for you. __________________ Need WebHosting ? Email me for some great deals [email protected]

05-26-2016, 01:16 PM	#17
TrafficRush See My SIG! Industry Role: Join Date: Dec 2003 Location: Sunny Paradise Posts: 2,099	contact WOJ he can help! or quantox __________________ INTRALINK DSP \| SIGNUP TO MAKE BANK NOW Skype: Traffic-RushHour \| ICQ: 467617514

05-25-2016, 02:06 PM	#2
BigFurry Confirmed User Industry Role: Join Date: Nov 2003 Posts: 1,558	Step 1. Get a good PHP coder to look at the script. Step 2. Get an actual expert to do a security audit. If you have no money to spend, there are some tips here: appsec - How to perform a security audit for a PHP application? - Information Security Stack Exchange

05-25-2016, 02:07 PM	#3
FreeHugeMovies Too lazy to set a custom title Join Date: Dec 2001 Location: Charlotte, NC Posts: 14,137	Host is telling me to go here. https://sucuri.net I don't want to pay a monthly fee for their firewall.

05-25-2016, 02:25 PM	#8
BigFurry Confirmed User Industry Role: Join Date: Nov 2003 Posts: 1,558	Yeah I guess if it's possible to disable all user input (forms, uploads), and make the site "read only", that can be a solution. :p Unless you have some bad file in your system already. :p

05-26-2016, 07:14 AM	#12
FreeHugeMovies Too lazy to set a custom title Join Date: Dec 2001 Location: Charlotte, NC Posts: 14,137	Any of you fuckers want to help and get paid for your time? =] LMK

05-26-2016, 12:53 PM	#16
FreeHugeMovies Too lazy to set a custom title Join Date: Dec 2001 Location: Charlotte, NC Posts: 14,137	Everything changed to read only. Let's see if I get fucked in a week or two!

05-27-2016, 06:57 AM	#18
celandina Too lazy to set a custom title Industry Role: Join Date: Jun 2006 Posts: 11,436	About to launch a new site, just marking this thread in case I run into the same issues.

05-27-2016, 08:44 AM	#19
MrBeavis Confirmed User Industry Role: Join Date: Nov 2015 Location: The Netherlands Posts: 67	Wordpress website?

05-27-2016, 08:51 AM	#20
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	contact woj, and get your php code updated and look for user input sanitization. __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean