Important step when sanitizing Important step when sanitizing
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Important step when sanitizing

Started by neil fitzgerald, May 08, 2009, 02:27:23 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

neil fitzgerald

May 08, 2009, 02:27:23 AM
I traced some suspicious requests in my server logs to a malicious php file in my coppermine folder.
Long story short; when I recently had to sanitize my site after a hack, I apparently missed some infected files because while making a local backup of all the files on my webspace, my virus protection was quietly quarantining several files containing viruses. So, these malicious files didn't show up in diff viewer, and I didn't notice and remove them on my site.

This is just to point out the need to keep this in mind when sanitizing. Make sure your virus protection alerts you to incoming threats, or check its logs. Maybe this is worth adding to the very helpful sanitizing thread: http://forum.coppermine-gallery.net/index.php/topic,51927.0.html
Print
Go Up Pages1
User actions