544 Posts in 1316 Topics by 235 members
|Go to End|
10 December 2009 at 8:29am Last edited: 10 December 2009 8:30am
Hey guys, it's been a few months since I played with SS and I'm getting withdrawals. Been playing with Magento, which hasn't been the most exciting experience.
Any way I'm very hung over today, so I thought I'd through my query out there and see what comes back. Hopefully more than my marinated brain can produce.
I've been hosting a couple of sites on host gator, not the best host, but cheap to host a couple of sister sites on a different ip. They've been hacked a couple of times in the last month. And now google has de-indexed some of the sites
The first time I got hacked I reset the ftp/cpanel password and user name. I've been hosting 2 SS sites and 2 Word Press sites (WP being my brothers choice of CMS). And it's a shared host.....
Are there security vulnerabilities with SS? Ones that could enable the server to be hacked? Host Gator being the angels they are don't offer a lot of incite. I'll search though some log files after a strong cupa Joe. After writing all that and rereading it I've forgotten what I was going to ask.... DAM I had a clear question when I started. "after a minutes hesitation" I guess any ideas into why I got hacked and ideas on prevention... but that's a lot to ask....
10 December 2009 at 12:04pm
Are there security vulnerabilities with SS?
Make sure you're using the latest versions of SS and follow the security release announcements - http://groups.google.com/group/silverstripe-announce when we announce a security update then you are recommended to upgrade as soon as possible. Due to the nature of the open code base as soon as we fix anything security related the issue is pretty much out in the open!
Then again but the sounds of your sites being defaced thats not the usual outcome of when a user gets access to your SS site due to the fact the themes aren't controlled in the cms.
Make sure your site isn't in devmode as well - devmode has less security restrictions.
|Go to Top|