| Author |
Message |
Slackervaara
Captain
Joined: Sep 13, 2003
Posts: 314
|
 Posted:
Wed Jun 20, 2007 10:19 am |
  |
A spammer seems to succeed to download a type of e-mail client named Envio_xD.php to my modules directory and through my site then send out spam. I get a lot of error e-mails to my sites e-mail account that proves that.
I have tried to stop this to happen by add to the .htaccess :
<Files "modules/Envio_xD.php">
Order allow,deny
Allow from myipaddress
</Files>
But it does not seem to work. Grateful för suggestions! |
|
|
   |
|
Evaders99
Site Admin
Joined: Aug 17, 2003
Posts: 12397
|
| Posted:
Wed Jun 20, 2007 10:26 am |
|
How did he get in?
I don't know off-the-top how the FILES declaration works
I would use mod_rewrite to do the same thing, something like
| Code: |
RewriteRule ^modules/Evio_xD.php http://127.0.0.1 [R, L]
|
|
_________________
Helping those that help themselves
Read FIRST or DIE!
"Fighting is terrible, but not as terrible as losing the will to fight."
Star Wars Rebellion Network - Need Help? Evaders Squadron Coding |
|
  |
|
Slackervaara
Captain
Joined: Sep 13, 2003
Posts: 314
|
| Posted:
Wed Jun 20, 2007 11:51 am |
|
The hacker used SpChat to upload the file to my site. I looked in the logs and discovered that. I also found his ip-address, so I have blocked it now in NukeSentinel.
I tried your suggestion with Rewrite, but it gave Internal server error for the entire site, so I could not use it. |
|
|
|
|
Slackervaara
Captain
Joined: Sep 13, 2003
Posts: 314
|
| Posted:
Wed Jun 20, 2007 6:01 pm |
|
I have now solved the problem to access that file. I created a new .htacess file in the directory modules/ . In that .htacess file I have:
<Files "Envio_xD.php">
Order allow,deny
Allow from myipaddress
</Files>
and it works very well and noone else can access that file, if downloaded again to my site. |
|
|
|
|
Evaders99
Site Admin
Joined: Aug 17, 2003
Posts: 12397
|
| Posted:
Wed Jun 20, 2007 8:07 pm |
|
|
|
|
Slackervaara
Captain
Joined: Sep 13, 2003
Posts: 314
|
| Posted:
Wed Jun 20, 2007 10:10 pm |
|
No, Sentinel does not protect from upload of files through SpChat and Sentinel did not protect from the identical behavour by coppermine. However, certain hacking attempts through Spchat have Sentinel protected from, so it seems at least partially integrated into NukeSentinel. |
Last edited by Slackervaara on Thu Jun 21, 2007 5:11 am; edited 1 time in total |
|
|
|
Evaders99
Site Admin
Joined: Aug 17, 2003
Posts: 12397
|
| Posted:
Thu Jun 21, 2007 5:06 am |
|
|
|
|
athens101
Sergeant
Joined: Jul 11, 2004
Posts: 104
Location: Athens
|
| Posted:
Thu Jun 21, 2007 3:35 pm |
|
|
|
|
Slackervaara
Captain
Joined: Sep 13, 2003
Posts: 314
|
| Posted:
Sat Jun 23, 2007 5:22 pm |
|
I wonder, if not this in the .htaccess file would be better? It should also stop hackers from uploading index.php or config.php to the site.
<Limit PUT>
order deny,allow
deny from all
</Limit>
Has anyone tried this? |
|
|
|
|
Evaders99
Site Admin
Joined: Aug 17, 2003
Posts: 12397
|
| Posted:
Sun Jun 24, 2007 4:18 pm |
|
|
|
|
|
|
