Mysterius acces to website

A place for security related announcements and discussions - please check this forum frequently!
Post Reply
bibs
Posts: 2
Joined: Thu Apr 26, 2012 2:05 pm

Mysterius acces to website

Post by bibs » Thu Apr 26, 2012 2:21 pm

I am managing a website with a gallery (Svarrer Gallery). And in the text field at one of the pictures some text parts of a porn-messageboard pops up. I delete - and an hour after its there again - not the same phrases but still porn :(

I have tried to delete the picture and nothing pops up at the others - I have renamed the picture and it pops up again

Is there a hole in the security of the page or what is happening?

Be happy if someone could help!

Link to the "infected" page: http://www.nordiskmetalkunst.dk/?Bronzedyr&pic=3&page=0

Bibs
Top
cmb
Posts: 14225
Joined: Tue Jun 21, 2011 11:04 am
Location: Bingen, RLP, DE
Contact:
Contact cmb

Re: Mysterius acces to website

Post by cmb » Thu Apr 26, 2012 3:05 pm

Hi Bibs,

on your site the comments function of gallery is enabled! You have to set show comments: False in the Plugin Configuration. Only blanking the language strings is not enough, to keep spam bots off. In fact it's quite easy for spam bots to add comments, once they found out how to do so. :evil:

Christoph
Christoph M. Becker – Plugins for CMSimple_XH
Top
bibs
Posts: 2
Joined: Thu Apr 26, 2012 2:05 pm

Re: Mysterius acces to website

Post by bibs » Thu Apr 26, 2012 3:27 pm

Thx so much Christopher :D
I've found a solution!!!

Bibs
Top
Post Reply

Return to “Security”