On 4/29/10, Al wrote:
> Ross had a good suggest about planted links to external malicious sites. One
> the sites I worked on a couple of years ago had this happen. They ask me to
> into it.
> There were about 90 htaccess files that redirected the user to a malicious
> whenever there was an error, 404 etc.
> visitor's IP and the file's complete URL to a website in Russia.
> About 300 php files had some php code that generated html code had likewise
> the visitor's IP and the file's complete URL to a website in Russia.
[snip remainder of horror story]
How do people get their sites into this state? Is it just me, or
wouldn't a regular comparison of MD5s of the site contents with SCM
contents stop most of that kind of thing (after the event, but still,
better that than continue in that state).
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php