my sites security

Posted: Sat Mar 18, 2006 10:24 pm

heres the thing, i have learned a lot about php, i can install sentinel and do a lot more to the nuke itself. now i got no webmaster to help me and im still new at all this...i try to help where i can.
my site was recently hacked
and i got no clue how...ive done days of research. they dropped the whole thing...database and the public_html
they also changed the user e-mail on my cpanel acount
this is where im lost...how in gods name can this happen??
my server is not vulnerable to many scripts at all
only the scripts that if u want php on it, u cant block em.
is there a way i can lock it down so to speak to make it so my site cannot get hacked like it was....im thinkin hacked isnt the right word...perhaps exploited would be....honestly got no clue as to how this happened...plz help..ty

Sells PC To Pay For Divorce Joined: Posts: 5661

well if your talking about cpanel then some one had the login.
cpanel also keeps logs like last visit of admin etc..

but your story sounds a bit hysterical,so maybe a well explained story would be nice starting at where and what exactly happend.

Posted: Sun Mar 19, 2006 5:09 am

Did´t you find anything in the logfiles ? I often search for the hackers name and check what they did with other sites to find out more.

Posted: Sun Mar 19, 2006 11:41 am

ok heres the thing...i got no clue where to start...i search the loggs and got the ip but thats it...i also got the time it happened. problem is i got no clue how or what he did to get the cpanel username and pass...ne ideas on where to begin. and i gave no1 the username and pass to my cpanel. my server owner can get it...and my partner in hosting....but i know niether would have gotten it and given it out....im askin more because i have no clue as to how it happened and if u like to see the site or talk to me more directly..plz look at my profile...it has all my contact info on it...1 more thing....im not trojaned or keylogged...first thing i thought as a possibility. Very Happy

registered · Posted: Sun Mar 19, 2006 4:29 pm

If they've gotten root access to your server, they can change anything they want. More likely is that you have the same passwords for FTP/Database/.. other accounts.

Posted: Mon Mar 20, 2006 2:53 pm

forgive me guys and thanx for all the posts...i found out how they got in and i increased security on my site...im currently in the process of rebuilding it...i learned of quite a few file edits to secure it more proficiently. most from this site and i believe i have a grasp on how this happened...first mistake...i made the admin pass and cpanel pass 1 in the same...wont do that again Laughing

2nd mistake...sentinel was not configured correctly. mind u i said configured..it was installed correctly. but now that i have read in detail on settin sentinel up and the ways ppl can run scripts to get passwords and such...most of which apparently sentinel can stop. i have made some things on my site not so easy..but the thing is i dont really have a grasp of how these ppl run exploits and such it seems ppl can input what appear to be sql commands in for usernames and such....i went with a your account module that allows me to keep certain usernames not allows with a form of wildcard feature....i believe this will help a lot....others r that they can upload into ur site...ussually avatars...others allow uploads for downloads and such...i dont allow ne uploads from my site except avatars...was hoping to find a way to allow those and have good security still...ne ideas on that???..other then that i believe i have done as much as i can.