Hi, when I open my site this moring it display a message that my account was hacked. I was upset and looked around to see what went wrong. I am still not too sure, but seems every thing is still in place. All of my files and password as far as I know are not touched. The only file I think got changed is index.html. It got replaced with hacker's signature. My hosting company told me the permission set on files and folders are not safe. I setup those permission according to the manual. I noticed index.html has write permission for all groups. Gossamer links set it automatically everyone I run build. So what should I do?
Apr 8, 2006, 11:11 AM
User (78 posts)
Apr 8, 2006, 11:11 AM
Post #2 of 7
Views: 2780
Apparently I think it's called mass defacements. Here is more info on the hack http://www.zone-h.org/..._defacer=Mosavi1986/
Apr 8, 2006, 4:30 PM
Enthusiast (559 posts)
Apr 8, 2006, 4:30 PM
Post #5 of 7
Views: 2750
Links Admin / Setup / Build Options - at the bottom:
build_file_per
Quote:
File permissions to set newly created pages to, use 666 if you want to switch between building from telnet, and building from shell. Use 644 if you are going to be running under cgiwrap, or only building from telnet. build_file_per
Apr 8, 2006, 6:09 PM
Staff (4101 posts)
Apr 8, 2006, 6:09 PM
Post #7 of 7
Views: 2737
The default permissions are very relaxed as more restrictive permissions can cause problems for certain webserver set ups. If you always build from the web, using more restrictive permissions will probably be okay. However, they probably won't help much since any intruders will be able to write to the file anyways. This is because they most likely will get access to your files through an unsecured script or vulnerability and get access through the script, which has the same permissions as GLinks does. That said, it's always nice to have permissions a little tighter.
Adrian
Adrian