My website was hacked - Nothing to do with WebWiz

Web Wiz Forums itself is extreamly secure and a hacker can use many methods to place such a file on the server if your web site is not setup securely.

Before writting a 10 page esay on the many 1000's of different ways a hacker could have done this the best thing to do is have a look through your sites log files to findout exactly how the hacker has done this and what path through your site they took.

Also other information would be helful such as;

Web Wiz Forusm version?
Database type?
Are uploads enabled?
Have you disabled write permissions to your public folders? (This would certainly stop this type of thing)
Are your passwords sufficiently strong? (FTP, Frontpage, Forum Admin login)

If you are using the Access version make sure that the database is in a secure folder without public access.

Incase the hacker has got hold of your database, if it was not properly secured, update any admin passwords straight away (you should do this anyway).

To disable uploads you should update the permissions system, although uploads are pretty secure, so I doubt they got in this way, more likely exploited the IIS web server by not have write permissions disabled.


Edited by -boRg- - 23 May 2007 at 9:50am

The best way is to look at your log files, you should be able to get from the modify or creation date of the file an estimate of the time the file was placed on the server.

Then it is just a case of looking in your log files for activity around this time, and the IP address of the hacker. By following the IP addresses back through your log files you should be able to see the files that the hacker has viewed and from these tell how, or what part of the site the hacker used to place the file on the server, or what method they used.

Edited by ruycnd - 07 July 2011 at 6:49am