Categories

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna, tincidunt vitae molestie nec, molestie at mi. Nulla nulla lorem, suscipit in posuere in, interdum non magna.

Web Development

Another web-site hack, anatomized – Epilogue

Good post? Please, share it...
Pin It

I hold up my hands and say that I was wrong, in the conclusion I came to at the end of my last blog. I hadn’t detected the presence of…

I hold up my hands and say that I was wrong, in the conclusion I came to at the end of my last blog. I hadn’t detected the presence of the strange strings, added to the URLs of menu links. I had merely detected a symptom.

In fact the problem was that pretty much every SEF-related file on the site had been hacked. The SEF code was merely reading the request-headers and extracting a piece of the URL requested, to add to the menu links. So, whenever a request was made to an obsolete, non-existing page, the request was hijacked and part of the URL requested was inserted into the menu link. Fiendishly ingenious!

Needless to say, once I had traced the problem, I was able to clean it out and eliminate it, finally fixing the site. I also put in some additional security measures and gave instructions on how

Click the title, above, to continue reading […]

Web Development

Another web-site hack, anatomised

Good post? Please, share it...
Pin It

Recently, I came across a newspaper web-site, in the UK, which had been hacked. The owner reported that there was a security problem. The moment I visited the site, I was immediately warned by my security tools that the site had been blocked from delivering an evil payload to my machine. This is how I fixed the problem.

Click the title, above, to continue reading […]