arijose Posted August 12, 2008 Share Posted August 12, 2008 somehow someone was able to append an iframe into all my web pages (actually write html to the files). This iframe pointed to a trojan horse on some server in russia. I do have a login field and wasn't validating the data. I have since added the strip_tags function to input data. Any other suggestions to prevent this attack? Thanks in advanced! Ari Link to comment https://forums.phpfreaks.com/topic/119395-my-php-website-was-hacked-need-help-preventing/ Share on other sites More sharing options...
Stooney Posted August 12, 2008 Share Posted August 12, 2008 One of the most important things to do is mysql_real_escape_strings all user input. Also, try and keep your database connection file above the webroot. Link to comment https://forums.phpfreaks.com/topic/119395-my-php-website-was-hacked-need-help-preventing/#findComment-615149 Share on other sites More sharing options...
arijose Posted August 12, 2008 Author Share Posted August 12, 2008 Thanks!!! I'll make those changes. Link to comment https://forums.phpfreaks.com/topic/119395-my-php-website-was-hacked-need-help-preventing/#findComment-615154 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.