Categories

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna, tincidunt vitae molestie nec, molestie at mi. Nulla nulla lorem, suscipit in posuere in, interdum non magna.

Web Development

Another web-site hack, anatomized – Epilogue

Good post? Please, share it...
Pin It

I hold up my hands and say that I was wrong, in the conclusion I came to at the end of my last blog. I hadn’t detected the presence of the strange strings, added to the URLs of menu links. I had merely detected a symptom.

In fact the problem was that pretty much every SEF-related file on the site had been hacked. The SEF code was merely reading the request-headers and extracting a piece of the URL requested, to add to the menu links. So, whenever a request was made to an obsolete, non-existing page, the request was hijacked and part of the URL requested was inserted into the menu link. Fiendishly ingenious!

Needless to say, once I had traced the problem, I was able to clean it out and eliminate it, finally fixing the site. I also put in some additional security measures and gave instructions on how best to secure the site from future attacks.

The newspaper owner has published an article on my company and how we saved their site, entitled Hip hip hoo-Ray


3 comments to Another web-site hack, anatomized – Epilogue

  • This is really interesting, You’re a very skilled blogger. I have joined your feed and look forward to seeking more of your great post. Also, I’ve shared your web site in my social networks!

  • Took me time for you to read through all sorts of things, but I actually liked it. It proved for being Rather valuable to me and I’m guaranteed to all of the other customers right here! It is frequently awesome while you cannot only be knowledgeable, but additionally entertained! Many thanks all over again…

  • anoe

    Ray
    what a great article on the news site that was hacked. My contact have
    seen it too. great job 🙂
    anoe

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

  

  

  

This site uses Akismet to reduce spam. Learn how your comment data is processed.