Author Topic: Keep Scripts Updated = Keep Hackers Away  (Read 4875 times)

0 Members and 1 Guest are viewing this topic.


  • Yep
  • Administrator
  • Sr. Member
  • *****
  • Posts: 259
  • Gender: Male
  • HostNed Admin
    • View Profile
Keep Scripts Updated = Keep Hackers Away
« on: June 18, 2007, 05:02:47 PM »
It seems that we often get the comment from users "My site has been hacked.  My web forum index page was replaced (or erased).  Please make it so that hackers cannot get in."

The kind of problem you are experiencing often happens when you have PHP or ASP scripts on your web space that is insecure.  The server must do what the script calls for and if the script itself is insecure, then it could seriously jeopardize your data.  It is not uncommon for popular web scripts like forums, blogs, CMS scripts and others to contain vulnerabilities that allow malicious users to access or edit or delete files.  If you are using a common web script and believe it is insecure, contact the author of the script for information on applying security patches and/or upgrading to the latest version of the script.

From my experience, the most insucure scripts are:

PHP Nuke

Although almost any popular GPL web script can be vulnerable, even the most vulnerable can be made secure.  It takes a lot of attention and research.  Again, the most important thing you can do is go to the support site for the script you are using and apply all security patches.  Also find if the script designer recommends if Register_Globals be set to OFF.  If so, disable register globlas using .htaccess file.