Loading...
 
Features / Usability

Features / Usability


Hacked or something...

posts: 3

So I was going through my website date (I hardly ever do this) and noticed some of the highest traffic was coming from tikiwiki pages that I have never created. After visiting some of these they where spam or porn related things which is not content I deal in.

I started looking for possible hacked user accounts etc. I found no logins on any of the user accounts that correspond to these page postings. One thing to note, all these pages where located in tiki/backup/d_ directory with _ being some number. I deleted over 1500 pages out of it that I never posted.

The question now arises how did they get there?

My main access to the website and the tiki user account showed no logins since my last known login. There was also no history in tiki showing the pages where ever created by any user.

Hopefully the hacker doesn't come back and trash my site after deleting all his free hosted content was deleted.

Ideas?

Tnx

posts: 3

I just found an interesting file in with the tiki backups folder. I suspect this file as a root kit or some sort unless its part of tiki which I doubt.

Please be warned the file I am attacking is suspected to be trogen type file.



posts: 1817 Catalan Countries

HellTrix, welcome to Tikiwiki community, and sorry to hear that problem with your installation or server.

Please, post the tiki version of your installation, and as ricks99 says, please indicate which permission did you use to install tiki on your server (the more restrictive perms, the better: I mean, if you can install it with 755, or 775, instead of 777, then much better). Refer to the installation pages on Documentation if needed to understand more about it, if needed.
HTH
Xavi


posts: 3

The permissions for the backup dir is 755.
To be honest, I didn't install tiki myself. The site is on hostmonster.com (lol, I know its funny, but my linux machine died a while back so I found the cheapest temp site, which ended up a longer then anticipated temp).
So the Automated (scripted) installer, assembled the tiki installation, and I configured a few options and it was done.
My version is: tikiwiki 1.9.7
Not really sure how I would go about upgrading it. I have access to all the files and can request temp shell access.

If you suggest changing the permissions on the backup dir, what should they be changed too. Been away from linux too long to remember them off hand.

tnx


Upcoming Events

1)  18 Apr 2024 14:00 GMT-0000
Tiki Roundtable Meeting
2)  16 May 2024 14:00 GMT-0000
Tiki Roundtable Meeting
3)  20 Jun 2024 14:00 GMT-0000
Tiki Roundtable Meeting
4)  18 Jul 2024 14:00 GMT-0000
Tiki Roundtable Meeting
5)  15 Aug 2024 14:00 GMT-0000
Tiki Roundtable Meeting
6)  19 Sep 2024 14:00 GMT-0000
Tiki Roundtable Meeting
7) 
Tiki birthday
8)  17 Oct 2024 14:00 GMT-0000
Tiki Roundtable Meeting
9)  21 Nov 2024 14:00 GMT-0000
Tiki Roundtable Meeting
10)  19 Dec 2024 14:00 GMT-0000
Tiki Roundtable Meeting