Comments

Jack and Jill website hacked — 12 Comments

  1. RhodesTer: I have seen more attractive forms of life sucking mud at the bottom of a pond.

    Robert: Yes, I have a fair idea, but I’m not going to publicise it [can’t be too careful]. I have upgraded the [possibly] vulnerable software and have spent the morning trawling the site for other suspect files..

  2. I’m a web designer as well and a lot of the people that try to hack my stuff come from China… It got so bad that the network folks at work decided to block all IP addresses from China. I’m not sure how to do that, but it could be a start for ya.

    On another note, what software do you use for your web design? I do all of my code in notepad which is very painful so I’m looking other options…

  3. Welcome Daniel! I may well look at blocking IP addresses yet. I have upgraded all the software on the affected sites and closed any potential loopholes, so I should be OK for now.

    As for the tools of the trade? TextPad is your only man. 90% of my stuff is PHP and MySQL so a text editor is the only way. If you try TextPad, you will bin Notepad forever. The latter is a load of rubbish.

  4. I have quite a comprehensive method of dealing with unwanted visitors and general nastiness. Although I use a reverse proxy, anyone interested should stillbe abale to adapt my regular expressions into a .htaccess file.

    I also tend to block vast swathes of the internet address space, and blocking China is a really good place to start, the Ukraine, Russia and Moldova are also prime candidates but the problem is that the vast majority come from hosted servers in the U.S. and especially KeyWeb in Germany.

    Anyway you can have a look at what I am blocking over here:

    http://tech.sweetnam.eu/2008/12/who-and-what-i-allow-access-my-websites/

  5. they got me too. they did it through a comment on my site. i was just so happy to have a comment that i published it before really reading it. they came with three or four different emails from different names like nancy, valerie or some such innocuous name. the thing with the emails though was that they were so innocent sounding, but i finally figured out that it was the link that looked like a signature that was the culprit. oh, i’ve had hell…mainly because i don’t have your expertise. i think i finally found something to control it with. i don’t know enough to go in and start removing stuff so i’m not messing with that. but it’s a realy shame that hackers have no soul and have to try to put down a site as great as jack and jills. 🙁

  6. Holy God, Robert! A nice list. I might rob that and lam it into the servers. Either that or I’ll set Himself onto them.

    Prin: The byword is caution. I always double check comments and emails before accepting them. Even an innocent link can cause mayhem. I have nearly been caught once or twice, and even then have had my PC infected. Only yesterday I found a trojan that had been lurink and uit was a bugger to remove.

    Welcome Darragh! I think you’ll find it is a little quieter in here?

Leave a Reply

Your email address will not be published. Required fields are marked *

HTML tags allowed in your comment: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>