Avatar of AXISHK
AXISHK
 asked on

PHP Security

We are website provider and we find that some of the hosted website cause email bounced. Under further investigation, we find that a website has been use <frame> ... </frameset> and within the frameset, there is a redirection to use a php on another website - the original designer of the website.

Is it possible to disable frameset, or website redirection ? I am asked to review the existing infrastructure and give immediate action.

1. Is there any tools to to rescan all our existing websites and identify this kind of problem ?
2. Any solution to remedy this problem ?

Tks
PHPLinuxNetworking

Avatar of undefined
Last Comment
AXISHK

8/22/2022 - Mon
SOLUTION
Dave Baldwin

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Ray Paseur

It sounds like your server has been hacked.  You can scan all of the existing scripts for <frame> and <iframe> and manually check each instance of the results.  That is what I would do.  I agree with Dave -- I do not know any way to "turn off" features of HTML and even if I could, I would not do that because of the risk to legitimate clients who might depend on this functionality!  If you find that one account is causing the trouble, it would be fairly easy to disable that account until the owners correct the problem.
AXISHK

ASKER
Any idea how to write a script to quickly scan a folder and sub-folder , with say "iframe" and write the file and path to a log file ?
Ray Paseur

Yes, you can use recursivedirectoryiterator.  I'll try to find an example for you.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
ASKER CERTIFIED SOLUTION
Ray Paseur

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
AXISHK

ASKER
Tks