Comments on: Website hack – microsotf.cn – Wordpress http://www.mattswanner.com/web-design/website-hack-microsotfcn-wordpress.html Raleigh Graphic and Web Designer - Matt Swanner Sat, 05 Jun 2010 01:57:52 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Amy http://www.mattswanner.com/web-design/website-hack-microsotfcn-wordpress.html/comment-page-1#comment-395 Amy Sat, 05 Jun 2010 01:57:52 +0000 http://www.mattswanner.com/?p=284#comment-395 Actually as a follow up, when I asked my host for the Ftp logs they said they just implemented a new security feature. You upload 2 files to your server root directory, ftp.allow & ftp.deny. This way you can block any IP except your own from access. If you change IP's you would have to do a file transfer in your control panel as you would be blocked yourself. This is a great simple solution. It may be worth considering a host change for some. ftp.allow eg ALL: 207.216.239.69 ftp:deny eg All:All Actually as a follow up, when I asked my host for the Ftp logs they said they just implemented a new security feature. You upload 2 files to your server root directory, http://ftp.allow & http://ftp.deny. This way you can block any IP except your own from access. If you change IP’s you would have to do a file transfer in your control panel as you would be blocked yourself. This is a great simple solution. It may be worth considering a host change for some.

http://ftp.allow eg

ALL: 207.216.239.69

ftp:deny eg

All:All

]]> By: stephen http://www.mattswanner.com/web-design/website-hack-microsotfcn-wordpress.html/comment-page-1#comment-394 stephen Thu, 29 Apr 2010 14:37:39 +0000 http://www.mattswanner.com/?p=284#comment-394 What a really cool blog! What a really cool blog!

]]> By: Have Your Websites Been iframe Hacked Also? http://www.mattswanner.com/web-design/website-hack-microsotfcn-wordpress.html/comment-page-1#comment-369 Have Your Websites Been iframe Hacked Also? Sun, 19 Jul 2009 21:18:17 +0000 http://www.mattswanner.com/?p=284#comment-369 [...] to some good discussions about this iframe hack: Web site hack loading microsotf.cn | Geeked Info Website hack – microsotf.cn – Wordpress | Web Design, Raleigh NC - Matt Swanner Here is an older article/blog post, it does not mention these new .cn domains, but still good [...] [...] to some good discussions about this iframe hack: Web site hack loading microsotf.cn | Geeked Info Website hack – microsotf.cn – Wordpress | Web Design, Raleigh NC – Matt Swanner Here is an older article/blog post, it does not mention these new .cn domains, but still good [...]

]]> By: Paul http://www.mattswanner.com/web-design/website-hack-microsotfcn-wordpress.html/comment-page-1#comment-368 Paul Sat, 18 Jul 2009 20:28:00 +0000 http://www.mattswanner.com/?p=284#comment-368 Actually as a follow up, when I asked my host for the Ftp logs they said they just implemented a new security feature. You upload 2 files to your server root directory, ftp.allow & ftp.deny. This way you can block any IP except your own from access. If you change IP's you would have to do a file transfer in your control panel as you would be blocked yourself. This is a great simple solution. It may be worth cosnidering a host change for some. This is ixwebhosting. ftp.allow eg ALL: 207.216.239.69 ftp:deny eg All:All Actually as a follow up, when I asked my host for the Ftp logs they said they just implemented a new security feature. You upload 2 files to your server root directory, http://ftp.allow & http://ftp.deny. This way you can block any IP except your own from access. If you change IP’s you would have to do a file transfer in your control panel as you would be blocked yourself. This is a great simple solution. It may be worth cosnidering a host change for some. This is ixwebhosting.

http://ftp.allow eg

ALL: 207.216.239.69

ftp:deny eg

All:All

]]> By: Paul http://www.mattswanner.com/web-design/website-hack-microsotfcn-wordpress.html/comment-page-1#comment-367 Paul Sat, 18 Jul 2009 18:00:13 +0000 http://www.mattswanner.com/?p=284#comment-367 My site has had this issue several tiems over the last few weeks. No mysql on the server so I am sure its an FTP attack. My webhost (ixwebhosting)does not offer ssh, I pointed out several others to them that do & said I'm moving unless they do likewise soon. In my case I think the problem came from the person maintianign the spanish section of my site who is using firezilla. I found this link http://www.tech-evangelist.com/2009/06/08/filezilla-alert-trojan-virus/ . I use WSFTP professional which has the ability to search the remote files by date, so when I get hacked I search for those changed in the last 24 hours & it picks them out nicely. It is always the same 5 or 6 pages out of what is a large site. For that reason i suspect they have installed a file somewhere to do the hack that they are executing within my own site. i am currently searching the whole site manually for it if it exists. Has anyone tried Hack Detect Pro? It sonly $20 and apperently will detect any files changed and replace them with a backup. For that price its worth the chance. My site has had this issue several tiems over the last few weeks. No mysql on the server so I am sure its an FTP attack. My webhost (ixwebhosting)does not offer ssh, I pointed out several others to them that do & said I’m moving unless they do likewise soon. In my case I think the problem came from the person maintianign the spanish section of my site who is using firezilla. I found this link http://www.tech-evangelist.com/2009/06/08/filezilla-alert-trojan-virus/ . I use WSFTP professional which has the ability to search the remote files by date, so when I get hacked I search for those changed in the last 24 hours & it picks them out nicely. It is always the same 5 or 6 pages out of what is a large site. For that reason i suspect they have installed a file somewhere to do the hack that they are executing within my own site. i am currently searching the whole site manually for it if it exists.

Has anyone tried Hack Detect Pro? It sonly $20 and apperently will detect any files changed and replace them with a backup. For that price its worth the chance.

]]>