How secure and exploitable is phpmotion?

[asentertainment]

Greeting,

I'm curious how secure and exploitable phpmotion is.. relating more to the fact of IF i decide to use phpmotion, how easy would it be for someone to deface my website or exploit my server?

This is a great concern of mine and i'm sure its on the mind of other users.

Thank you in advance for your response.

[asentertainment]

just curious if anyone has encountered any issues concerning security.

[Ezra]

So! I know this thread is about 2 years old... but my website just got hacked tonight!!! It was defaced by a hacker by the name of lo$er.0. You can even see a bunch of websites he has hacked into on www.arabic-m.com - fantastic!

Well, after a while of searching and stressing and frustration, I finally found the files that had been altered by our good friend lo$er.0 --> sessions.php and config.php in the classes folder. I am not sure what are some security measures I can take to prevent this from ever happening again. How do they have access to my web server? It IS possible I had the classes folder set to 777 file permissions, as that is what they were when I started looking out for possible causes of the defacement. But its also possible the hackers changed those file permissions. Is that possible?

Anyway, I just thought I'd let people know that SITES DO GET HACKED (mine isn't even finished yet and people don't go on it) so lock your doors, bar your windows, and backup your websites!!!

[frankie]

it might help if you posted your site url?

[Ezra]

Well, I have fixed the problem by replacing those two files with the original ones (thankfully they weren't redesigned files that I have edited) so it's not necessary for me to put my site URL up. But, I am with Cirtex Hosting sharing a server if that helps.

EDIT * Basically, I'm just trying to let people know that hackers DO hack, and I don't want other people to find they're files have been overwritten without a backup. Also, I am looking to see if anyone knows of any ways to prevent such attacks for the future.

[frankie]

yeah well thats your answer, cirtex servers have been hacked a few times in the past.

i guess there are still issues, but it has nothing to do with phpmotion.

what version of phpmotion was this?

[Ezra]

It's on phpmotion v3. I guess I should be posting this in another forum and not phpMotion v1... sorry. I was just searching for security/exploitability in phpmotion and I was just replying to this thread.

Thanks for that, frankie. I will contact Cirtex hosting and see what they have to say. I didn't think it was phpmotion's fault, but not knowing that Cirtex have such issues its probably a great place to post such issues seeing as many people on this site would use Cirtex as a host.

Cheers.

[frankie]

from that list it seems that NS75 and NS76 are affected, a bunch of sites got hit.

is your site the one with the forum?

[Ezra]

Yeah, mine has the forum. I contacted Cirtex and they said they are able to replace the public_html folder from backups that they run. YES! They run backups! I already have most of the files on my computer, but it saves me a lot of hassle, thankfully.

Anyways, thanks for the help :-)

[camarados]

Also my website was hacked last night.
See also my topic here: http://phpmotion.com/forum/index.php/topic,12717.msg75860.html

Its looke they changed the index.php file.
After replacing this file with the original index.php file the website was up and running again.
But, after 5 minutes it was hacked again. So maybe there s a script that is somewere running? 

Maybe more people has their site hacked these days?

What can i do?
replace config files?
change passwords?
secure upload script?

Please advise

[den48248]

Are you on cirtex?

[camarados]

No, another (dutch) host.

[matchmanhattan]

Hi Frankie,


You are correct.  My site was with cirtex on NS75 and ns76.  I got hacked too!! 
After some other unhappiness with Cirtex, I moved to another host and it has been very good. Thank God.

from that list it seems that NS75 and NS76 are affected, a bunch of sites got hit.

is your site the one with the forum?