Announcement

Collapse
No announcement yet.

Porn Link Spammers Access Folder on Server!!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Porn Link Spammers Access Folder on Server!!

    Hi,

    I am on the latest Vbulletin.. . I think that there would be other people at risk too! I did a check on Google Webmaster tools and i went to Content Analysis, pages with Short Meta descriptions... I could not believe my eyes, there was list of urls that I had never seen, that were uploaded onto my server somehow.

    I think it is my old Attachments folder, but I dont have attachments there.. they are in my forum/files directory.....

    There is a directory on Forum root called attached and it is folder full of Spammy Html files to Porn, I dont know how it got there.. but, it was set to 777.


    How do these spam people get access to my folder?? What should I do?

    Do you think Scanalert hacker protection is good to prevent this stuff. another question I am on Managed Hosting, so whose responsibility is it!?
    Last edited by zooki; Fri 29 Feb '08, 4:00am.

  • #2
    Because it's 777 and it's in a web-accessible directory. You should move it above the main web directory.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment


    • #3
      Its happened again, this time inside Forum folder, in my signaturepics folder.

      There is an index file, which can be seen on Google search, Spam page for Pharmaceutical things...

      *sighs* I thought they could not access these folders, how did it happen?

      What am I to do to stop this?

      what should permissions be set at? for folders like for Attachments or Modules, 755 ?
      Last edited by zooki; Wed 23 Jul '08, 1:08pm.

      Comment


      • #4
        Post #2 still applies. If you are going to store these in the file system instead of the database, then that directory must be world-writable.
        Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
        Change CKEditor Colors to Match Style (for 4.1.4 and above)

        Steve Machol Photography


        Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


        Comment


        • #5
          Originally posted by Steve Machol View Post
          Post #2 still applies. If you are going to store these in the file system instead of the database, then that directory must be world-writable.
          I never can remember above root or below root, so. . . .
          The safest place is to have an attachments directory in the same directory as your public_html directory? /home/
          ...steven
          www.318ti.org (vB3.8) | www.nccbmwcca.org (vB4.2)
          bmwcca.org/forum | m135i.net
          "I tried to clean this up but this thread is beyond redemption." - Steve Machol

          Comment


          • #6
            Above the public_html directory.
            Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
            Change CKEditor Colors to Match Style (for 4.1.4 and above)

            Steve Machol Photography


            Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X