[support] website or database seemed to be hacked - help!!
geniekids
ratadi2 at gmail.com
Tue Apr 14 11:06:19 UTC 2009
Thanks Greg fpor your support.
It seemed like a worm attack and i am still trying ot figure out if this was
due to my settings or the host provider's insecurity ( my site is on a
shared host)
The links you provided are helping - and after thsi FIRST attack i have been
"woken up" and noticing how important the security issue can be!
So i had to delete the whole of drupal installation and themes and modules
files and copy fresh files and finally everything seems to work fine now :-)
(the database luckily was untouched)
Greg Knaddison wrote:
>
> I sorry to hear that your site was defaced. It sounds like someone
> altered your index.php
>
> Please see http://drupal.org/security/secure-configuration and perhaps
> http://drupal.org/node/213320
>
>
> Regards,
> Greg
>
>
> On Mon, Apr 13, 2009 at 5:16 AM, geniekids <ratadi2 at gmail.com> wrote:
>> The body of many many nodes seemed to have been appended with a whole lot
>> of
>> html content by a hacker - via a script The content is appended with the
>> html tag
>> which has lead to this content being there while not visible when the
>> node
>> is displayed. This content is being appended to even new nodes being
>> created! - as if some script is running. How do i stop this? See what is
>> being added to each node in the attached text file Also now when i access
>> the website - i get the following error at the top Warning:
>> session_start()
>> [function.session-start]: Cannot send session cache limiter - headers
>> already sent (output started at /home/genie/public_html/index.php:2) in
>> /home/genie/public_html/includes/bootstrap.inc on line 995 Warning:
>> Cannot
>> modify header information - headers already sent by (output started at
>> /home/genie/public_html/index.php:2) in
>> /home/genie/public_html/includes/bootstrap.inc on line 596 Warning:
>> Cannot
>> modify header information - headers already sent by (output started at
>> /home/genie/public_html/index.php:2) in
>> /home/genie/public_html/includes/bootstrap.inc on line 597 Warning:
>> Cannot
>> modify header information - headers already sent by (output started at
>> /home/genie/public_html/index.php:2) in
>> /home/genie/public_html/includes/bootstrap.inc on line 598 Warning:
>> Cannot
>> modify header information - headers already sent by (output started at
>> /home/genie/public_html/index.php:2) in
>> /home/genie/public_html/includes/bootstrap.inc on line 599 ); ?> ); ?>
>> html+foreign+content.txt
>> ________________________________
>> View this message in context: website or database seemed to be hacked -
>> help!!
>> Sent from the Drupal - Support mailing list archive at Nabble.com.
>>
>> --
>> [ Drupal support list | http://lists.drupal.org/ ]
>>
>
>
>
> --
> Greg Knaddison
> http://knaddison.com | 303-800-5623 | http://growingventuresolutions.com
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
>
--
View this message in context: http://www.nabble.com/website-or-database-seemed-to-be-hacked---help%21%21-tp23020939p23037447.html
Sent from the Drupal - Support mailing list archive at Nabble.com.
More information about the support
mailing list