+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Development (https://forum.codeigniter.com/forumdisplay.php?fid=6)
+--- Forum: Issues (https://forum.codeigniter.com/forumdisplay.php?fid=19)
+--- Thread: My almost ci site hack (/showthread.php?tid=68698)
Pages:
1
2
RE: My almost ci site hack - Marku - 08-16-2017
(08-15-2017, 08:20 AM)skunkbad Wrote: A long time ago I had this happen. I wanted to blame all of the usual suspects, but in the end I found that it was my use of plain FTP, and the fact that another computer on my network was infected with many viruses / malware. I even changed my password to FTP, but that didn't help because that other computer was sniffing network traffic, and as soon as I used another password it would grab it.
OP never said if he/she was using plain FTP. What is it OP? Ideally use SFTP, FTPes, or anything besides plain FTP.
That i understand, but why my only ci website are hacked not others that i have made in other programming language.
RE: My almost ci site hack - Diederik - 08-16-2017
Good point about encrypted connections @skunkbad.
There is also a risk in using Filezilla (perhaps the most used ftp client?). The sitemanager of Filezilla stores all your FTP credentials in an xml file in plain text or in base_64 encoding. Malware exists that retrieves those login details and sends it to the attacker. Therefor, always ensure your operating system is up to date and have a virus scanner active.
I work one day a week from my home. I have setup a vlan in my home network just to isolate my workstation from all other devices in the network. You can never be to paranoid
RE: My almost ci site hack - skunkbad - 08-16-2017
(08-16-2017, 12:26 AM)Marku Wrote:(08-15-2017, 08:20 AM)skunkbad Wrote: A long time ago I had this happen. I wanted to blame all of the usual suspects, but in the end I found that it was my use of plain FTP, and the fact that another computer on my network was infected with many viruses / malware. I even changed my password to FTP, but that didn't help because that other computer was sniffing network traffic, and as soon as I used another password it would grab it.
OP never said if he/she was using plain FTP. What is it OP? Ideally use SFTP, FTPes, or anything besides plain FTP.
That i understand, but why my only ci website are hacked not others that i have made in other programming language.
Programming languages or PHP frameworks? Maybe the virus maker not smart enough to deal with other programming languages? I don't know.
RE: My almost ci site hack - Paradinight - 08-16-2017
(08-16-2017, 12:26 AM)Marku Wrote:(08-15-2017, 08:20 AM)skunkbad Wrote: A long time ago I had this happen. I wanted to blame all of the usual suspects, but in the end I found that it was my use of plain FTP, and the fact that another computer on my network was infected with many viruses / malware. I even changed my password to FTP, but that didn't help because that other computer was sniffing network traffic, and as soon as I used another password it would grab it.
OP never said if he/she was using plain FTP. What is it OP? Ideally use SFTP, FTPes, or anything besides plain FTP.
That i understand, but why my only ci website are hacked not others that i have made in other programming language.
we need more infos. without infos we can not help.
changed the hacker some files or only the output of the site?