Announcement

#1 2010-06-11 10:29:45

TimH
Guest

Piwigo running on two sites and both sites hacked, any advice.

I installed Piwigo on two sites about 3 weeks ago.

The two sites are
charlotteharber.co.uk
(which I have left as it was after the attack)

palaceportfolios.co.uk
(which I have replaced the index.php in the root directory from the initial package.

Can anyone assist with getting the index.tpl file error message sorted.

And is there anything that I should do to prevent another attack.

Thanks Tim

 

#2 2010-06-11 10:45:02

TimH
Guest

Re: Piwigo running on two sites and both sites hacked, any advice.

I have decided to remove the corrupted index.pho from the root of the first site.

The site claiming responsibility for the attack is http://bgdad.webs.com/

I can get into the admin panel ok after copying the original index.php into the root directory.

 

#3 2010-06-11 10:50:51

tosca
Former Piwigo Team
Cévennes (France)
2006-09-23
567

Re: Piwigo running on two sites and both sites hacked, any advice.

Which Piwigo version are you running?
Did you get it from our site, or from somewhere else?

Depending on the volume of data you have on your sites (3 weeks is not much ...) it might be easier to reinstall from scratch, or to do a dump of the database and reimport it in a new installation.


My galleries : Photos, Watercolours, Recipes

Offline

 

#4 2010-06-11 11:35:18

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13786

Re: Piwigo running on two sites and both sites hacked, any advice.

I suppose you have Piwigo 2.1.0 or 2.1.1 (because the HTML loads themes/dark/theme.css)

This is very important to know if the hacker used a security vulnerability in Piwigo or somewhere else. Please keep us informed and don't reveal the failure publicly before we have a fix for it. Contact us by email : "contact" /at/ "piwigo.org".

Offline

 

#5 2010-06-11 12:17:03

VDigital
Former Piwigo Team
Paris (FR)
2005-05-04
17680

Re: Piwigo running on two sites and both sites hacked, any advice.

What sound strange to me is 2 hacked sites for 1 webmaster at the same time.
Are these website on the same fileserver ?
Same hoster ?

Anyway please use contact rather forum on security alerts.
Thanks.

Note: Contact is available in footer.


Piwigo.com: Start and run your own photo gallery. Signup and get 30 days to try for free, no commitment.
8-)

Offline

 

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2024 · Contact