1

Server hacked by single website

view story
linux-howto

http://forums.cpanel.net – Sir, We are running updated version of cpanel/whm. I have a question, How hacker can hack whole server by hacking single joomla website (old version)? I undersatnd he can hack CMS, so he should access only to this account files. So how he got whole server access? all other website access? Your reply will be appreciated. Thanks Regards, Simon (HowTos)

funckax's picture
Submitted by funckax on 02/23/2013

Stories similar to Server hacked by single website

Possible Duplicate: My server's been hacked EMERGENCY

Our website was hack, all the images in the server were deleted. This happened 3 times already. I asked my boss to change ftp access but he don't want to. Is there a way we can find out who did it? Probably, they know our ftp access? How do we stop it?

I have website, which is a very popular website, but from last two weeks several customers complain to me that my site was hacked and redirected to a porn website,

but whenever i check the website i cant see anything like that, users says they sometimes redirected to a porn website and then just in split of a second its gone and correct website appears.

I am a Linux/Unix noob, so please bear with me. Here is my situation:

I have a server (Debian Squeeze) on a LAN. I have installed Nginx web server on it. The server has Internet access to download and install packages.

My question:

Can I host a website so that when users on the LAN type:

http://abcd (no .com, .net, etc.)

into their browser, the website opens?

OK so I have a W2008 R2 server running a single website with about 100-200 visitors daily, and it also has MSSQL 2008 running on it for the same website.

Recently, when the server starts it uses a normal amount of RAM (about 40-50%) and then slowly but surely it climbs until it reaches 100% and no one can access the site anymore.

One of my sites has been the continuous target of the "Pharma Hack" - but it's using Drupal instead of Wordpress or Joomla. It is version 6, but it's updated to the latest version, and so are all of the modules that I have installed.

I've changed passwords, deleted offending files, completely redone the installation of the site, but somehow they continue to gain access..

I order VPS hosting with Windows 2008 server and a dedicated IP Address , and install IIS 7.5 and DNS services on the server,I hosted 3 websites on the server, it works well, and I can use my domain to access my website, now I hope to use IP address to access my website, how can I configure IIS? Thanks!

Possible Duplicate: How do I deal with a compromised server?

You wake up in the morning and check on your website. The index was hacked! You immediately open your ftp client and replace the index back to the original.

The hacker leaves a footprint to basque in the glory of his hack- his twitter handle.

On my website I am able to access my phpMyAdmin control panel by typing in the ip address followed by /phpmyadmin e.g.

http://18.129.514.29/phpmyadmin/ (note: not my real ip)

I also need to limit access to SSH, currently all you need to do to get access to the server login screen is type the ip address of the server which anyone can get a hold of by pinging the server.

What measure can I take t

[ubuntu] Was I hacked? 2 weeks 1 day ago

Hi all.

I notice some weird behavior in the computer from my work and it seems like someone was trying to hack in, but I'm not sure if he got through. The problem is that we have installed an ssh server in this pc and somebody (from work) created a account with an easy password and a hacker got access through this account.