Gossamer Forum
Home : Products : Links 2.0 : Discussions :

Links 2.0 Exploit?

Quote Reply
Links 2.0 Exploit?
I've been using links 2.0 for quite some time now with no issues until recently I received this message from my security software stating that someone exploited my site using the command: /usr/bin/perl nph-verify.cgi. The file opened was links/cgi-bin/admin/data/links.db and when I checked into it I found a link to a gaming site (binbang.com) so I removed it. How did this happen? How can I prevent it from happening again? I've double checked my permissions for the file in question and it is 644. Shouldn't this stop anyone from writing to this file?
Basshook
Quote Reply
Re: [Basshook] Links 2.0 Exploit? In reply to
Sorry it looks like when I changed servers I forgot to upload my htaccess file to protect my admin. Duh!! Thank goodness it wasn't a serious exploit or I would really be an idiot.Blush
Basshook
Quote Reply
Re: [Basshook] Links 2.0 Exploit? In reply to
hehe - its always the simple stuff =) ( I was gonna say it sounded more like a server protection issue, as people shouldn't have been able to access the admin folder Smile)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package (plugins total "value" $3,325 & rising, for just $350)| GLinks ULTRA Package PRO (plugins total "value" $5,625 & rising, for just $500)
Support Forum | Links SQL Plugins | DMOZ Dumps | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Compare our different Plugin packages *new* Free CSS Templates