vincej Posted June 7, 2014 Share Posted June 7, 2014 Yup, the nice person left some friendly messages just to prove it. Now i need to recover. I have back up code and DB. But I need to establish what kind of hack it was and how to improve things. The big tell tale, is that all the javascript is gone off the pages. Yet the js tools ( jquery etc ) all all still there. They also got past the login page as well. The site was built with CodeIgniter so I had invested my trust in the framework as I will never assume I know more than the CI guys on security. any ideas jump to mind as to what kind of hack it was and therefore what obvious things I can do to avoid it again ? Many Thanks !! Quote Link to comment Share on other sites More sharing options...
ignace Posted June 7, 2014 Share Posted June 7, 2014 CodeIgniter is dead. And security is only as good as the programmer who wrote it. It's like the lock on your front door, it's nice to have it, useless if you never actually lock your door. From your description I am guessing they did not hack your website through software problems, but through FTP (since the JS is gone off the pages, unless you built a removeJsFromViews() function). So your FTP access is likely compromised, you might wanna change your password, or if using shared hosting, another account on the server has been able to access your account. In that case, you'll need the provider to dig through his log files. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.