Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I have some security issue with my website. It started by creating wp-admin directory on my FTP server with malicioust .txt file. index.php was also changed (some code at the beginning was added)
I changed all passwords and completely deleted the CMS folder from the server. I removed also wp-admin directory and malicious code from index.php
Lots of unauthorized connections to my website started with this change.
Detalis here:
database log
All calls to .shtml files were blocked by .htaccess file.
Unfortunately there are still attempts to access other resources
for example:
/wp-load.php?daksldlkdsadas&
/ajax-index.php?url=http://domainnamespace.top/lf.jpeg
/aindex.php?daksldlkdsadas&
/wp-load.php?WordPress=newzealandpolicy.wang/popn.txt&Database=1index.php
/sitemapimages79.xml
/sitemapimages5.xml
How can i prevent this calls?
What kind of attack is it and what is its purpose?
It's not wordpress based website
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I have a wordpress site which is working on local. In order to test the mobile design I changed the URL from settings to my local IP. It worked fine, and then I changed it back to localhost. But problem is accured today, my local IP is changed and now wordpress still redirecting me to my old url.
My local IP is 192.168.1.40 now
I changed site url from database manually and still have problem.
If you have access to your data, you can edit site_url and home rows in the wp_options table.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
When making a php web site in dream weaver, does the site have to have htdocs folder ?
The problem I have is I have a domain www.whatever.com.
Once I created the index.php in dreamweaver, I hit the put button and it uploads just fine.
So the connection to my website from dreamweaver works.
But when I got to the website www.whatever.com , it shows an apache test page where I want the index.php to show.
The answer to your first question is "no". Every website functions differently and having a htdocs folder is not a requirement by any means.
I suggest trying to upload index.php to the root directory (folder). The "root" is basically the top level folder that you have access to on your hosting account. Then, if that doesn't work, keep trying folders until it does work. As other people suggested, the correct folder can be called "public", "public_html", "www" or something else.
Just be sure you remember where it is located for for future reference. And don't leave a bunch of index.php files scattered in various locations on your server or it could create problems on your website in the future.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have LAMP installed in my server and I use virtualhosts to map domains to subdirectories. I need to allow my customers to upload files (including php) to their server using FTP.
The problem is that a customer using a domain xxx.com.br uploaded a file test.php and executed it like:
xxx.com.br/test.php
The content of test.php if file_put_contents("../../xxx.txt","teste") and it worked! The file xxx.txt was created 2 levels above his domain folder! How do I prevent this from happening?
Don't give the PHP process access to directories it isn't meant to reach.
That's kind of the point of the whole permission system.
In Linux, PHP will generally run as its own user, just make sure that user doesn't have read or write permission to any files you don't want exposed.
For this purpose exists open_basedir configuration directive. More information about it for example here.
Moreover it is good to use FastCGI which allows each script to be run under its owner. More information about it for example here.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I need help to remove some advertise which comes under a few my client's machines. It's comes as big banner advertise in the free area of index page and each advertise has a message as "ads by sense" .
I can not inform any user to uninstall the useless browser plugins as this advertise never appear in other site like google.com,yahoo.com or boston.com etc at same machine. OR may be they are not TECHNICALLY GOOD in remove BROWSER add-ons.
Please help me how can I remove this useless advertise from my site without program in PHP or .HTACCESS file or ther Technics
There is no way you can control web page behaviour once its on clients browser, I mean, the browser queries for ads and places on your page. Those ads are not loaded from your website side.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have never touched a .htaccess file. Can someone help me with the code I would need to replace a domain name with another domain name.
I have 10 domains pointed at the same directory as domain.com. When someone arrive via any of the 10 urls, I want them to see that URL through the entire visit on the site. So I need to do a rewrite that says to take domain.com and change it to $_SERVER['SERVER_NAME']. This variable holds the url a person typed to get to my site.
Please assist me, mod rewriting seems significantly more difficult then I would have imagined.
You can just write some code in your index file to redirect to new domain