my site is hosted in lunarpage and it geting hacked in from few month. i have done all things some of site saying (changing password like). finally 2 weeks ago i have blocked all ranges of Chinese ips. but today it again hacked. is there is any way to prevent Iframe hack?
+1
A:
To stop the hacks immediately, simply remove the feature you are talking about. Then you can come back implement a proper solution without the security hole.
Edit: I thought an iframe element was being exploited, but now I understand that a script/hacker injects an iframe element to redirect clients. I propose you take actions to increase security on the hosting of your web page, such as changing passwords more often and have them generated by a strong pw generator. You could do some searches for iframe hack on yourself.
Cecil Has a Name
2009-07-15 06:12:20
sorry what did you mean by "feature you are talking about"
Kombuwa
2009-07-15 06:18:23
he thought you meant that you started with an iframe, and that your iframe was getting hacked. I think
Assembler
2009-07-15 07:44:14
A:
What's happening in that iframe? Are you sending some kind of cookies in it? If so you may possibly allow hacking and make it easy for everyone? Please provide some code chunk!
stoimen
2009-07-15 06:15:16
+3
A:
Given your comment
Iframe hack is famos sql injection attack. mainly from .cn domains
- Identify SQL injection vulnerabilities in your system
- Close them (switching to parametrised queries is a good idea if you haven't already)
You could also use mod_security or similar to try to stop attacks before they get to your web application. I've experienced false positives though (as a user, and only with ASP.NET systems (note this is a tiny sample size)).
David Dorward
2009-07-15 06:38:01
+4
A:
If you're changing your passwords and the site still gets hacked, you might have a virus on your machine. I am not joking, I saw this once.
Just to make sure, request the FTP logs from the hosting (you may see some other machines connecting to your account)
Vlagged
2009-07-15 06:38:42
A:
Get a VPS or dedicated server and install Upload Guardian. It can stop iframe uploads in real time.
Steve
2009-11-09 14:56:27
A:
The question isn't so much about the iframe as how it got there and how to get rid of it. I believe what has happened is that you have stored your passwords in your FTP client. You have a trojan on your computer and it mines the passwords from the FTP client and then uploads the iframe to your index file. Also check your 404 file, if you have one. It will likely be there, too.
Here's what you need to do. First, get rid of the trojan on your computer. I suggest looking for this, "PWS:Win32/Daurso.gen!A" and delete it. Then go to your site(s) and remove the iframe from all pages. Next, change all of your passwords. Lastly, do not store the new passwords in your FTP client or anywhere else on your computer.
By the way, don't visit the URL listed in the iframe. It loads a ton of spyware. To get rid of spyware, I suggest using Malwarebytes (free). Use the full scan when you have time. It takes a long time (hours), if you have a lot of files.
Good luck.
Dan
2009-11-29 15:33:34