Quote:
Originally Posted by f.montoya
...
We use the CMS Mambo along with phpbb2 or phpbb3, depending on how long the league has been around. Actually, on a few of the upgraded sites, the malicious code actually failed in it's purpose.
...
|
Thanks. I just read a few articles on "****** attacks" as that seems to be what this is commonly labeled and it sounds as though there are countless ways that these attacks can be made (different CMS's, different forum software, even stuff like cPanel). When we first got it I of course thought it might be our phpbb forums (I know a bit about SQL injections and the like) as we were using an old phpbb2.x version instead of the latest phpbb3.x, but the forum pages weren't effected at all, only the main part of the site, so I thought it wasn't the forum. Thinking about it some more, however, I suppose it could have been our forum and somehow they used it to attack the rest of our site, but not the forum itself, maybe to throw us off of what the cause could be. Anyway, your experience leads me to believe this very well might be the case.
Anyway, to anybody out there who is running outdated forum or CMS or any other kind of website software, I highly recommend doing what fidel did and upgrade it, even if you don't think that's the cause. It very well could prevent the problem. You should probably also notify your webhost as they should take a look at whether their stuff is up-to-date as well, but at the very least update whatever you can.