bprof2007

Hack Access Restricted Folders

Hi,

I have a page for testing purposes; it's a regular form built in PHP. Name, email, city, state and zip code are the fields that are required by the user. After submitting the form, the data input will be sent via email and printed out to the user. Every field is checked for injection.

This page is inside a folder that is restricted through .htaccess.

What happened is that someone hacked the site, not the main site but specifically this restricted folder, and left an index page saying the site security is weak and easy to hack bla bla...

My question is how could he/they get to this restricted folder? Nothing in the form could give them access, so what could have led to this? And one more thing: I purchased the site a few months ago, and I didn't publish it yet because I didn't finish working on it yet. So I wonder how did they find it?

Could someone help me answer my questions?
Tags: Vulnerabilities, Apache Web Server, Security

giltjr

You are assuming that they hacked it through HTTP. The .htaccess is only used by Apache. They could have broken in using ftp, ssh, or telnet.

What is the group id and user id on the index file?
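
The ownership question above can be answered for every file in the folder at once. The following is an added example, not part of the original thread: a Python script that lists files whose owner differs from the account's, that are world-writable, or that changed recently. The function name `triage`, the sample file names and the seven-day window are assumptions; on hosts that run PHP under the account's own uid, the owner check will not separate web-server writes from FTP uploads.

```python
import os
import stat
import tempfile
import time


def triage(root, expected_uid, since_epoch):
    """Walk root and return [(relative path, reasons)] for files worth a closer look."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow planted symlinks
            reasons = []
            if st.st_uid != expected_uid:
                # A different owner usually means another process wrote the file,
                # e.g. the web server user rather than the FTP/cPanel account.
                reasons.append("owner uid=%d gid=%d" % (st.st_uid, st.st_gid))
            if st.st_mode & stat.S_IWOTH and not stat.S_ISLNK(st.st_mode):
                reasons.append("world-writable mode=%o" % stat.S_IMODE(st.st_mode))
            if st.st_mtime >= since_epoch:
                stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(st.st_mtime))
                reasons.append("modified " + stamp + " UTC")
            if reasons:
                findings.append((os.path.relpath(path, root), reasons))
    return sorted(findings)


def demo():
    """Constructed sample tree: an old form page and a freshly dropped index page."""
    root = tempfile.mkdtemp()
    old = time.time() - 90 * 86400  # 90 days ago
    form = os.path.join(root, "form.php")
    index = os.path.join(root, "index.html")
    for p in (form, index):
        with open(p, "w") as fh:
            fh.write("placeholder\n")
    os.chmod(form, 0o644)
    os.utime(form, (old, old))
    os.chmod(index, 0o666)  # the dropped file is left world-writable
    # Expected owner is the current user; look back seven days.
    return triage(root, os.geteuid(), time.time() - 7 * 86400)


if __name__ == "__main__":
    for path, reasons in demo():
        print(path, "->", "; ".join(reasons))
```

On a real account, call `triage` with the document root, the numeric uid of the hosting account and a timestamp shortly before the defacement was noticed, then compare the flagged modification times with the FTP and web server access logs.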
Arty K

Hi bprof2007. It's not necessarily your fault.
Some web hosters have common aliases like /cgi-bin with obsolete software inside.
Also, as giltjr said, Apache is not the only way to break security.
You may perform vulnerability scanning of your host with Nessus (http://www.nessus.org/), SAINT (http://www.saintcorporation.com/products/vulnerability_scan/saint/saint_scanner.html) or any other appropriate tool. Most 'hackers' go that way before trying to break security.
Also you may have a weak or default ftp/php administration login/password or, even worse, a 'hacker' may have access to your home computer and steal all your logins/passwords. Windows has had multiple vulnerabilities over the last 1-1.5 years that allow a remote user to gain access to your PC.
bprof2007

ASKER

Thanks for responding

>>What is group id and user id on the index file?
I really can't tell, because I'm using cPanel and does show who is the owner of that file. But I uploaded it with my account, which has full access to the site. The file permissions were 644.


>>>You may perform vulnerability scanning of your host with Nessus (http://www.nessus.org/) , SAINT (http://www.saintcorporation.com/products/vulnerability_scan/saint/saint_scanner.html) or any other appropriate tool.

I'm not allowed to do that with the hosting company.

>>>Also you may have weak or default ftp/php administration login/password or
My password was a pretty strong one (12 alphanumeric + symbols).

>>>even worse, 'hacker' may have access to your home computer and steal all your logins/passwords.
I access this site from work behind a well configured firewall, and I don't save any password on my machine.

I don't use my home machine for work purposes.

>>>Windows have multiple vulnerabilities for last 1-1.5 years, that allow remote user to gain access to your PC.

I don't know how that is possible if I'm doing the updates and patches on a daily basis, and work behind a well-configured firewall, and don't go to any website whatsoever, unless it is a well-known website and use calling id as a website identifier.
