Jack and Jill website hacked
There are times when words nearly fail me.
There are scum out there who will sink to the lowest depths.
Last night, alarm bells started ringing all over the place. Two of my websites had been hacked.
One was a community site, which they took over and started using as a distribution point for illegal software. That I could live with though it was damned irritating. It was a matter of removing all their stuff and cleansing the site.
The other attack was the one that sickened me though. They attacked the Jack and Jill website.
To those of you who are not familiar with Jack and Jill, they are a charity that provide respite care for parents of children with disabilities. I first came across them years ago when I saw their founder, Jonathan Irwin on television. One thing led to another, and they took Laughingboy under their wing.
They were fantastic. They provided support where the state wasn’t interested. They provided advice as well as vital practical support. I felt I had to do something in return, and I now sponsor their website and hosting. I am very proud to do that, and wish I could do more.
It incenses me therefore when some low life thinks he is smart and attacks a site like this. Because of that little bastard, I had to spend half the night stripping the server (because it was crawling with viruses and malicious code), reinstalling all the software, restoring databases and of course changing all the passwords.
By coincidence, Damien Mulley is running a campaign on behalf of Jack and Jill. I was delighted to see this, and would urge you to head on over, where he will explain it all. You never know – you might win yourself a nice little prize?
Say that you came from Head Rambles. I don’t want the glory, so I might as well try to do something for him.
You never know. He might win something.
It would make up, in part for last night.
What to say.. my GOD, there’s nothing.
If they’re not out hacking charitable websites, they’re probably out drowning puppies.
How did they get access to your server? Or do you know that yet?
RhodesTer: I have seen more attractive forms of life sucking mud at the bottom of a pond.
Robert: Yes, I have a fair idea, but I’m not going to publicise it [can’t be too careful]. I have upgraded the [possibly] vulnerable software and have spent the morning trawling the site for other suspect files..
Question! Why do you and Grandad never comment on each other’s sites? Seems awfully rude if you ask me.
Which one is my father?
We couldn’t be bothered, I suppose. As for your father, which one do you want?
I’m a web designer as well and a lot of the people that try to hack my stuff come from China… It got so bad that the network folks at work decided to block all IP addresses from China. I’m not sure how to do that, but it could be a start for ya.
On another note, what software do you use for your web design? I do all of my code in notepad which is very painful so I’m looking other options…
Welcome Daniel! I may well look at blocking IP addresses yet. I have upgraded all the software on the affected sites and closed any potential loopholes, so I should be OK for now.
As for the tools of the trade? TextPad is your only man. 90% of my stuff is PHP and MySQL so a text editor is the only way. If you try TextPad, you will bin Notepad forever. The latter is a load of rubbish.
I have quite a comprehensive method of dealing with unwanted visitors and general nastiness. Although I use a reverse proxy, anyone interested should stillbe abale to adapt my regular expressions into a .htaccess file.
I also tend to block vast swathes of the internet address space, and blocking China is a really good place to start, the Ukraine, Russia and Moldova are also prime candidates but the problem is that the vast majority come from hosted servers in the U.S. and especially KeyWeb in Germany.
Anyway you can have a look at what I am blocking over here:
http://tech.sweetnam.eu/2008/12/who-and-what-i-allow-access-my-websites/
they got me too. they did it through a comment on my site. i was just so happy to have a comment that i published it before really reading it. they came with three or four different emails from different names like nancy, valerie or some such innocuous name. the thing with the emails though was that they were so innocent sounding, but i finally figured out that it was the link that looked like a signature that was the culprit. oh, i’ve had hell…mainly because i don’t have your expertise. i think i finally found something to control it with. i don’t know enough to go in and start removing stuff so i’m not messing with that. but it’s a realy shame that hackers have no soul and have to try to put down a site as great as jack and jills. 🙁
Glad you got it sorted! My first time here for a nosy around – I think I’ll like this place!
Holy God, Robert! A nice list. I might rob that and lam it into the servers. Either that or I’ll set Himself onto them.
Prin: The byword is caution. I always double check comments and emails before accepting them. Even an innocent link can cause mayhem. I have nearly been caught once or twice, and even then have had my PC infected. Only yesterday I found a trojan that had been lurink and uit was a bugger to remove.
Welcome Darragh! I think you’ll find it is a little quieter in here?
Quieter alright Richard, and there’s probably more chance of a dacent cup of tea here. Am I right?