

Is my site hacked?





bukaida
I have a frihost hosting account. In my site's guest book, each comment is accompanied by lots of links and text, which were once cleared by me manually earlier, but they re-appeared again. Even the past comments which were clean earlier are now accompanied by the links (changing the admin pass did not help). Is my site hacked? What is to be done next?

The situation is at---

http://www.pratik.frih.net/gbook/index.php?entry=0
LostOverThere
Not hacked at all. You've just got a spam bot spamming you. Best implant some sort of CAPTCHA on your guest book.

Try here
rvec
LostOverThere wrote:
Not hacked at all. You've just got a spam bot spamming you. Best implant some sort of CAPTCHA on your guest book.

Try here
He has one, probably not good enough. You could try some harder-to-get captcha or some other kind of bot protection.

On my own site I added a form where users have to enter the sum of two random numbers.
You could add this to the form page (don't forget to add session_start() to the top of the file):
Code:
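// Pick two small random numbers and keep the expected sum server-side.
$a = rand(0,20);
$b = rand(0,20);
$_SESSION['gb_botprotect'] = $a + $b;

// Show the question in the form, using both operands ($a and $b).
echo <<<TEXT
<tr bgcolor="#E8E8E8">
    <td width="25%" class="font1"> The sum of  $a  and  $b*:</td>
    <td><input type="text" name="gb_botprotect" size="55" maxlength="30"></td>
  </tr>
TEXT;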


and start addentry.php like this:

Code:
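session_start();
// A request that never loaded the form has no stored answer and must fail.
// (With a loose != check, a missing session value compares equal to 0.)
$expected = isset($_SESSION['gb_botprotect']) ? $_SESSION['gb_botprotect'] : null;
$answer = (isset($_POST['gb_botprotect']) && is_string($_POST['gb_botprotect']))
    ? trim($_POST['gb_botprotect']) : '';
unset($_SESSION['gb_botprotect']); // each answer is valid for one submission only
if ($expected === null || !ctype_digit($answer) || (int) $answer !== $expected) {
    echo <<<TEXT
wrong answer to the bot-question!
<meta HTTP-EQUIV="REFRESH" content="5; url=addentry.php">
TEXT;
} else {
    // the rest of the file
}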
bukaida
As rvec said, I already have a random character generator and you cannot by-pass it (apparently). I am trying his (rvec) method now. Hope this will keep out spammers. :(
mOrpheuS
bukaida wrote:
each comment is accompanied by lots of links and text
...
Even the past comments which were clean earlier are now accompanied by the links


You're using "Advanced Guestbook" ... which has the option of adding "comments" to "guestbook entries" and also a CAPTCHA protection.

The bad news is that you're using an outdated version of the script (v2.4.1) which, strangely, doesn't enforce CAPTCHA validation when making comments on existing entries!

Notice the difference -
http://www.pratik.frih.net/gbook/addentry.php
http://www.pratik.frih.net/gbook/comment.php?gb_id=6

As you can see, the spammer (probably a bot) is not able to add guestbook entries - only comments to existing guestbook entries.

From what I can see at the script's homepage, the latest version (v2.4.3) of the script doesn't have this problem ( http://www.proxy2.de/demo/guestbook/comment.php?gb_id=2300 )

Upgrading to the latest version of the script should fix your problems.

Alternatively, you should try disabling the "comments" feature (or enabling password protection for it) if you don't really need people commenting on guest book entries.
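
The gap described in the post above, where addentry.php checks the challenge but comment.php does not, is avoided when every write handler goes through one shared guard. This is an added example, not part of the thread and not Advanced Guestbook's own code; the file name botcheck.php and the gb_botcheck_* function names are hypothetical, and it reuses the gb_botprotect session key from rvec's snippet.

```php
<?php
// botcheck.php -- hypothetical shared include (not part of Advanced Guestbook).
// Include it from every script that writes to the guestbook, e.g. both
// addentry.php and comment.php, so no write path can skip the challenge.

// Call on the page that renders a form. Stores the expected answer in the
// session and returns the question text to display next to the input field.
function gb_botcheck_issue()
{
    $a = mt_rand(0, 20);
    $b = mt_rand(0, 20);
    $_SESSION['gb_botprotect'] = $a + $b;
    return "The sum of $a and $b";
}

// Returns true only if the posted answer matches the stored one.
function gb_botcheck_verify(array $post)
{
    // No stored answer means the client never loaded a form: reject.
    if (!isset($_SESSION['gb_botprotect'])) {
        return false;
    }
    $expected = $_SESSION['gb_botprotect'];
    unset($_SESSION['gb_botprotect']); // one answer, one submission

    // Accept only a plain string; gb_botprotect[]=x arrives as an array.
    $raw = isset($post['gb_botprotect']) ? $post['gb_botprotect'] : '';
    $answer = is_string($raw) ? trim($raw) : '';
    // Digits only, so '' or 'abc' cannot be cast to 0 and match a sum of 0.
    return ctype_digit($answer) && (int) $answer === $expected;
}

// Guard for the top of each write handler: stops the request on failure.
function gb_botcheck_require()
{
    if (session_id() === '') {
        session_start();
    }
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && !gb_botcheck_verify($_POST)) {
        header('HTTP/1.1 403 Forbidden');
        exit('wrong answer to the bot-question!');
    }
}
```

Calling gb_botcheck_require() before any code that touches the database, in both the entry handler and the comment handler, means a new write endpoint added later fails closed unless its form also calls gb_botcheck_issue().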
bukaida
Thank you morpheus for your valuable suggestion. I really do not have any necessity to add comments. So I am stopping this feature. Also I have already enforced the password feature. Let's see whether this trick works. Else I will have to upgrade to the new version (at the cost of losing current comments).

As to be said--If they are having spams, I am also having my frihost forum and their specialists. Let's see who wins. :)