[eluser]PhilTem[/eluser]
Your .htaccess was hacked with a PHP injection? Wow, that sounds pretty awesome of the hackers. Kudos to the hackers.
But anyway, I think you can avoid such things with two easy things:
First, fix the permissions of your files. Usually your webserver runs with a different username than you might want to create/store the files with. So you can easily modify the file permissions to allow editing only by the owner but executing by everyone.
Second, always keep your CI version up-to-date. The most recent, stable, and secure "build" is v2.1.2. You're still one major version behind which is probably the most vulnerable point of your site.
And maybe a third one as well: If you've got proper code that has lots of unit testing, it shouldn't be a problem at all. And don't forget one golden rule of development:
Never trust user input
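
The permission advice in the post above, as an added example that is not part of the original post: a POSIX shell audit that lists everything under a web root that group or other can write to, then tightens it so only the owner can edit. The function names, the sample tree and the 644/755 modes are assumptions (files are read by the web server, directories are traversed, and the web server runs as a different user than the file owner).

```shell
#!/bin/sh
# Added example: audit and tighten web-root permissions.
# Assumption: files 644, directories 755, owned by the deploy account.

# Print every file or directory that group or other may write to.
audit_webroot() {
    find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
}

# Count the findings (0 means only the owner can modify anything).
count_writable() {
    audit_webroot "$1" | wc -l | tr -d ' '
}

# Owner may edit; everyone else may only read files and traverse directories.
harden_webroot() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Constructed sample tree standing in for a CodeIgniter web root.
make_sample_webroot() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/application/config"
    : > "$root/.htaccess"
    : > "$root/index.php"
    : > "$root/application/config/config.php"
    chmod 666 "$root/.htaccess"            # world-writable: any account can rewrite it
    chmod 644 "$root/index.php"            # already correct
    chmod 664 "$root/application/config/config.php"   # group-writable
    chmod 777 "$root/application/config"   # world-writable directory
    chmod 755 "$root/application" "$root"
    printf '%s\n' "$root"
}

demo() {
    root=$(make_sample_webroot) || return 1
    echo "before: $(count_writable "$root") entries writable by group/other"
    audit_webroot "$root"
    harden_webroot "$root"
    echo "after:  $(count_writable "$root") entries writable by group/other"
    rm -rf "$root"
}

demo
```

Running the audit from cron and alerting on any non-empty output catches permissions that drift back after a deploy or upload.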