Results 1 to 9 of 9
-
09-21-2009, 06:24 AM #1Junior Guru Wannabe
- Join Date
- Jul 2009
- Posts
- 40
IIS - Win 2003 Server - Constant Hacking
I am running a PHP script on windows 2003 server, with IIS and PHP and mysql.
My index.php is being hacked every day, and being replaced by index.htm file which is some hacked file(shows hacking message).
How can i secure 'index.php' file and 'Main hosting folder (as many other 'unknown HTML files' are also present in it root folder)Last edited by Leaptopz; 09-21-2009 at 06:31 AM.
-
09-21-2009, 08:01 AM #2Junior Guru Wannabe
- Join Date
- Jul 2009
- Location
- India
- Posts
- 54
have you scanned your server for any trojan, backdoor and virus?
which antivirus do you use?
-
09-21-2009, 08:31 AM #3Junior Guru Wannabe
- Join Date
- Jul 2009
- Posts
- 40
-
09-21-2009, 08:32 AM #4WHT Addict
- Join Date
- Jun 2008
- Location
- India
- Posts
- 130
first run a virus scan on your server...or else download the website backup to local computer and then scan.......................once you detected infected files remove them and update antivirus in server regularly..
-
09-21-2009, 09:24 AM #5Junior Guru Wannabe
- Join Date
- Jul 2009
- Posts
- 40
-
09-21-2009, 09:30 AM #6Temporarily Suspended
- Join Date
- Feb 2004
- Location
- USA
- Posts
- 1,572
You should really be thinking about hiring someone to secure your server and to audit it frequently.
Since you a running Windows, its a must do.
Cheers.
-
09-21-2009, 09:46 AM #7Eternal Learner
- Join Date
- Jul 2007
- Posts
- 2,051
Things to do.
1. Check the FTP permissions
2. Check the FTP logs
3. Check the website logs
4. Perform OS Hardening of the server.
5. Use MBSA to find out if you are missing critical patches and security updates.
6. Use a good hardware firewall and change the common ports like RDP and SQL.
There are lots of things to do to strengthen the Windows server.Prashant T.
Don't run after Success. Run after Excellence and Success will soon follow.
-
09-21-2009, 10:06 AM #8Retired Moderator
- Join Date
- Mar 2004
- Location
- Singapore
- Posts
- 6,990
You may want to try this online scanner
http://www.f-secure.com/en_EMEA/prod...es/blacklight/
But do check your FTP. It could be that your FTP password is compromised.
-
09-21-2009, 01:43 PM #9Web Hosting Master
- Join Date
- Dec 2002
- Location
- The Shadows
- Posts
- 2,925
Make sure the "write" bit in IIS is not checked.
Also make sure your IIS user only has read access to the directoryDan Sheppard ~ Freelance whatever
Similar Threads
-
Server Constant Crash
By andrewklau in forum Dedicated ServerReplies: 15Last Post: 01-04-2009, 12:23 AM -
Constant conneciton to a colocated server
By TerraPollicitus in forum Colocation, Data Centers, IP Space and NetworksReplies: 4Last Post: 09-05-2005, 02:02 AM -
Hacking server !!! not hacking accounts anymore
By AndyJ in forum Hosting Security and TechnologyReplies: 22Last Post: 01-24-2005, 04:53 PM -
constant 100k/s outgoing transfer on a near-empty server?
By cybotix in forum Hosting Security and TechnologyReplies: 2Last Post: 02-05-2003, 03:19 PM -
Constant hacking attempts
By dbbrock1 in forum Web HostingReplies: 12Last Post: 09-26-2002, 03:48 AM