troubleshooting Question

Hack Access Restricted Folders

Avatar of bprof2007
bprof2007Flag for United States of America asked on
Apache Web ServerSecurityVulnerabilities
7 Comments1 Solution7358 ViewsLast Modified:
Hi,

I have a page for testing purposes its a regular form built in php, name, email, city, state and zip code are the fields that are required by the user. After submitting the form the data input will be sent via email and printed out to the user. Every field is checked for injection.

This page is inside a folder that is Restricted through .htaccess.

What happened is that someone hacked the site not the main site, but specifically this restricted folder and left an index page saying the site security is weak and easy to hack bla bla...?

My question is how could he/they get to this restricted folder? Nothing in the form could give them access so what could led to this? And one more thing I purchased the site few months ago, and I didn't publish it yet cause I didn't finish working on it yet? So I wonder how did they find it?

Could someone help me answering my questions?
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 7 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros