Announcement

Collapse
No announcement yet.

SQL Injection attacks!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SQL Injection attacks!

    I've just spent most of the morning cleaning all my sites after a SQL injection attack. Even sites with flat files were affected, the attack comprised of:

    Deleting some javascript files
    Injecting random html, asp, php javascript files with binary code javascript
    Adding directories and html, htc files with links to a weight loss website(!)

    First I heard about it was through Google Webmaster Tools.

    Seems like cyber attacks are on the increase, just cleaned a clients site down with similar attack.

  • #2
    My Joomla sites got hammered several times each over the last 4 months, been a nightmare to keep up with. Google blocked 2 of my sites because of. Been attack free for a month maybe, thanks to akeeba tools largely i think.


    Nvm, spoke too soon lol. Redirects in the .htaccess after I just checked

    Sent from my SGH-T989 using Tapatalk 2


    I am just a voluntary moderator here, I do not speak for eUKhost officially!

    Comment


    • #3
      Re: SQL Injection attacks!

      true that seems some sort of outbreak..
      have read somewhere that hackers are going to launch a mass-attack worldwide targeting wordpress sites..!
      Taking over the rest..!

      Comment


      • #4
        Re: SQL Injection attacks!

        Maybe make the .htaccess file permission completely unwritable by anyone?

        I think EUKHost need to clamp down on sloppy scripting. Another of my clients hosts run software that detects badly formed code and suspends sites that don't use best practice (like paramatise recordsets, close connections etc)

        Comment


        • #5
          Re: SQL Injection attacks!

          Originally posted by Phatman View Post
          Maybe make the .htaccess file permission completely unwritable by anyone?

          I think EUKHost need to clamp down on sloppy scripting. Another of my clients hosts run software that detects badly formed code and suspends sites that don't use best practice (like paramatise recordsets, close connections etc)
          It would prove as a double sided sword, wont it ? as the users who are not well versed with coding will be on the losing end.... Like me
          Last edited by Claptone; 14-05-2013, 18:11. Reason: word correction

          Comment


          • #6
            Re: SQL Injection attacks!

            Hi,

            Considering the fact that SQL injection are on large, make sure that you have a proper set of access rules written on .htaccess.

            It is also a good practice to set rules in .htaccess for blocking access to sensitive files.

            Comment


            • #7
              Re: SQL Injection attacks!

              Our MTvScan ( Malware Trojan vulnerability scanner ) tool is almost ready and will be available for all our customers by the end of this month. We were advised by Gartner to work on this tool, as the world would have serious trouble from hackers in next 3 - 4 years. those who wish to test our MTvScan tool and give their feedback are most welcome to open a support ticket from our helpdesk and request demo login. there are minor bugs in the beta version which are being fixed, but you are most welcome to try the beta version for next 10 - 15 days and revert with your suggestions.

              some of my friends are testing this tool from last 1 month and they have managed to fix all the bugs they had in their websites. those who have third party applications installed on their websites will be highly benefited from this tool.
              eUKhost - eNlight Cloud Hosting || eUKhost Knowledgebase
              Toll Free : 0808 262 0255 || Skype : mark_ducadi

              Comment


              • #8
                Sounds like a good tool, I wouldn't mind trying it. I know another customer with yous that would too.

                Sent from my SGH-T989 using Tapatalk 2


                I am just a voluntary moderator here, I do not speak for eUKhost officially!

                Comment


                • #9
                  Re: SQL Injection attacks!

                  Sounds Promising!

                  Comment


                  • #10
                    Re: SQL Injection attacks!

                    Beta version is free, so make the most out of it and get a detailed report generated from the MTvScan portal for all the vulnerabilities in your website.
                    eUKhost - eNlight Cloud Hosting || eUKhost Knowledgebase
                    Toll Free : 0808 262 0255 || Skype : mark_ducadi

                    Comment


                    • #11
                      Re: SQL Injection attacks!

                      I put a ticket in.
                      I have ran some tests on my personal dedicated box with Backtrack Linux and it actually came out of it pretty good, no major issues. THe biggest problem with Wordpress, Joomla and the other CMS I find is the 3rd party plugins.


                      I am just a voluntary moderator here, I do not speak for eUKhost officially!

                      Comment


                      • #12
                        Re: SQL Injection attacks!

                        Hi Brian,

                        I have replied to your ticket.
                        James Anderson
                        eUKhost Ltd
                        Skype - jameswebuk
                        Email - james [@] eukhost.com

                        Comment

                        Working...
                        X