Results 1 to 9 of 9
  1. #1
    Join Date
    Jul 2009
    Posts
    40

    IIS - Win 2003 Server - Constant Hacking

    I am running a PHP script on windows 2003 server, with IIS and PHP and mysql.

    My index.php is being hacked every day, and being replaced by index.htm file which is some hacked file(shows hacking message).

    How can i secure 'index.php' file and 'Main hosting folder (as many other 'unknown HTML files' are also present in it root folder)
    Last edited by Leaptopz; 09-21-2009 at 06:31 AM.

  2. #2
    Join Date
    Jul 2009
    Location
    India
    Posts
    54
    have you scanned your server for any trojan, backdoor and virus?

    which antivirus do you use?

  3. #3
    Join Date
    Jul 2009
    Posts
    40
    Quote Originally Posted by srvadmin View Post
    have you scanned your server for any trojan, backdoor and virus?

    which antivirus do you use?

    No Anti Virus. Can you please recommend a good free windows 2003 AV

  4. #4
    Join Date
    Jun 2008
    Location
    India
    Posts
    130
    first run a virus scan on your server...or else download the website backup to local computer and then scan.......................once you detected infected files remove them and update antivirus in server regularly..

  5. #5
    Join Date
    Jul 2009
    Posts
    40
    Quote Originally Posted by ianeeshps View Post
    first run a virus scan on your server...or else download the website backup to local computer and then scan.......................once you detected infected files remove them and update antivirus in server regularly..

    Please read my last post

  6. #6
    Join Date
    Feb 2004
    Location
    USA
    Posts
    1,572
    You should really be thinking about hiring someone to secure your server and to audit it frequently.

    Since you a running Windows, its a must do.

    Cheers.

  7. #7
    Join Date
    Jul 2007
    Posts
    2,051
    Things to do.

    1. Check the FTP permissions
    2. Check the FTP logs
    3. Check the website logs
    4. Perform OS Hardening of the server.
    5. Use MBSA to find out if you are missing critical patches and security updates.
    6. Use a good hardware firewall and change the common ports like RDP and SQL.

    There are lots of things to do to strengthen the Windows server.
    Prashant T.

    Don't run after Success. Run after Excellence and Success will soon follow.

  8. #8
    Join Date
    Mar 2004
    Location
    Singapore
    Posts
    6,990
    You may want to try this online scanner

    http://www.f-secure.com/en_EMEA/prod...es/blacklight/

    But do check your FTP. It could be that your FTP password is compromised.

  9. #9
    Join Date
    Dec 2002
    Location
    The Shadows
    Posts
    2,925
    Make sure the "write" bit in IIS is not checked.

    Also make sure your IIS user only has read access to the directory
    Dan Sheppard ~ Freelance whatever

Similar Threads

  1. Server Constant Crash
    By andrewklau in forum Dedicated Server
    Replies: 15
    Last Post: 01-04-2009, 12:23 AM
  2. Constant conneciton to a colocated server
    By TerraPollicitus in forum Colocation, Data Centers, IP Space and Networks
    Replies: 4
    Last Post: 09-05-2005, 02:02 AM
  3. Hacking server !!! not hacking accounts anymore
    By AndyJ in forum Hosting Security and Technology
    Replies: 22
    Last Post: 01-24-2005, 04:53 PM
  4. constant 100k/s outgoing transfer on a near-empty server?
    By cybotix in forum Hosting Security and Technology
    Replies: 2
    Last Post: 02-05-2003, 03:19 PM
  5. Constant hacking attempts
    By dbbrock1 in forum Web Hosting
    Replies: 12
    Last Post: 09-26-2002, 03:48 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •