Community

New post

Post

2 followers Follow
0
Avatar
Tomáš Khoder

PHP Injections on my site

Is there a way to better secure my site against cyber attacks? When I look through defines.php and index.php, there are PHP injections in there looking like this http://imgur.com/a/bA1tU . How do I prevent this? It happened two times already.

My site: http://pbelaw.com

 

Please sign in to leave a comment.

1 comment

0
Avatar
Sam Clayton

Hello Tomáš

Please be advised that defines.php file does not belong to MotoCMS HTML template files. There are multiple ways that hackers can gain access to your account:


1. An insecure password you have set (either for the cPanel or an FTP account)
2. An insecure PHP setting you are using on your account
3. An insecurity on a computer you use to access your account (a virus or other malware on a home or work computer)

Due to this very problem, once you've been hacked once it's important, essential even to protect your account from further infection. Some things to do to protect yourself are:
- Keep your scripts up to date
- Update your cPanel password, using a strong password (i.e. upper case characters, lower case characters, numbers, symbols).
- Remove unused FTP accounts.
- Update the passwords on necessary FTP accounts to strong passwords (see above).
- Secure your home computer by using an up-to-date anti-virus program; if you already use an anti-virus program, download and try a different anti-virus program, which may scan for different issues.

Best regards,
Sam Clayton

0 votes
Comment actions Permalink