[support] My Drupal 7.15 just hacked :(
lamp at afan.net
lamp at afan.net
Fri Oct 26 03:35:51 UTC 2012
Thanks to all for fast respond.
I apologize for wrong assumption - I was mislead too.
No, it's not Drupal issue. I found "hole". Not Drupal related.
Thanks again
> I assume you have changed your FTP password and most other passwords
> associated with the site, e.g. if they FTPed then they could have grabbed
> the settings.php file and have your database password.
>
> Unless the password was easy to guess, it is likely that some virus
> scraped
> it off your home/work machine so any other passwords there need to be
> changed.
>
> On Thu, Oct 25, 2012 at 10:33 PM, Steve Kessler
> <skessler at denverdataman.com>wrote:
>
>> The only place where Drupal deploys FTP is in the updates system. Given
>> that this system requires that you have the permissions to use it I
>> think
>> it is safe to say that Drupal was not compromised to provide access to
>> FTP.
>>
>>
>> FTP is not a secure protocol and should be avoided.
>>
>> If the only file that was changed out what a new index.php than this
>> does
>> not sound like any type of Drupal attack either.
>>
>> I think it is safe to say that Drupal was not the cause of this unless
>> you
>> have something specific in your logs that shows otherwise.
>>
>> Hope this helps you.
>>
>> -Steve
>>
>> On Thu, Oct 25, 2012 at 8:06 PM, <lamp at afan.net> wrote:
>>
>>> Hi,
>>> My development website (Drupal 7.15) setup 2 weeks ago. Only View and
>>> Chaos Tools Suite Modules installed.
>>> I contacted hosting company and they said it's compromised through FTP
>>> -what I don't believe (if it's truth I'm really screwed because there
>>> is
>>> tons of other sites too :( )
>>> I got "Security update" message but, since it's development website, I
>>> wasn't rushin'
>>>
>>> What's chances it's really FTP or something else? No other problems but
>>> "new" index page. Though, they could "planted" something?
>>>
>>> Suggestions?
>>>
>>> Thanks for any help,
>>> LAMP
>>>
>>> --
>>> [ Drupal support list | http://lists.drupal.org/ ]
>>>
>>
>>
>>
>> --
>> Steve Kessler
>> Owner and Lead Consultant
>> Denver DataMan, LLC
>> 303-587-4428
>>
>>
>> --
>> [ Drupal support list | http://lists.drupal.org/ ]
>>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
More information about the support
mailing list