[support] website or database seemed to be hacked - help!!
Greg Knaddison
greg.knaddison at gmail.com
Mon Apr 13 16:12:50 UTC 2009
I sorry to hear that your site was defaced. It sounds like someone
altered your index.php
Please see http://drupal.org/security/secure-configuration and perhaps
http://drupal.org/node/213320
Regards,
Greg
On Mon, Apr 13, 2009 at 5:16 AM, geniekids <ratadi2 at gmail.com> wrote:
> The body of many many nodes seemed to have been appended with a whole lot of
> html content by a hacker - via a script The content is appended with the
> html tag
> which has lead to this content being there while not visible when the node
> is displayed. This content is being appended to even new nodes being
> created! - as if some script is running. How do i stop this? See what is
> being added to each node in the attached text file Also now when i access
> the website - i get the following error at the top Warning: session_start()
> [function.session-start]: Cannot send session cache limiter - headers
> already sent (output started at /home/genie/public_html/index.php:2) in
> /home/genie/public_html/includes/bootstrap.inc on line 995 Warning: Cannot
> modify header information - headers already sent by (output started at
> /home/genie/public_html/index.php:2) in
> /home/genie/public_html/includes/bootstrap.inc on line 596 Warning: Cannot
> modify header information - headers already sent by (output started at
> /home/genie/public_html/index.php:2) in
> /home/genie/public_html/includes/bootstrap.inc on line 597 Warning: Cannot
> modify header information - headers already sent by (output started at
> /home/genie/public_html/index.php:2) in
> /home/genie/public_html/includes/bootstrap.inc on line 598 Warning: Cannot
> modify header information - headers already sent by (output started at
> /home/genie/public_html/index.php:2) in
> /home/genie/public_html/includes/bootstrap.inc on line 599 ); ?> ); ?>
> html+foreign+content.txt
> ________________________________
> View this message in context: website or database seemed to be hacked -
> help!!
> Sent from the Drupal - Support mailing list archive at Nabble.com.
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
--
Greg Knaddison
http://knaddison.com | 303-800-5623 | http://growingventuresolutions.com
More information about the support
mailing list