I've been using links 2.0 for quite some time now with no issues until recently I received this message from my security software stating that someone exploited my site using the command: /usr/bin/perl nph-verify.cgi. The file opened was links/cgi-bin/admin/data/links.db and when I checked into it I found a link to a gaming site (binbang.com) so I removed it. How did this happen? How can I prevent it from happening again? I've double checked my permissions for the file in question and it is 644. Shouldn't this stop anyone from writing to this file?
Basshook

Sorry it looks like when I changed servers I forgot to upload my htaccess file to protect my admin. Duh!! Thank goodness it wasn't a serious exploit or I would really be an idiot.
Basshook

hehe - its always the simple stuff =) ( I was gonna say it sounded more like a server protection issue, as people shouldn't have been able to access the admin folder )

Cheers

Andy (mod)
andy@ultranerds.co.uk

---

Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!