Iframe attack

WHI

Verified User
Joined
Sep 25, 2008
Messages
60
How can we protect ourselves (own server) from iframe attack? Is there anybody having any idea?
 

scsi

Verified User
Joined
Aug 19, 2008
Messages
4,695
You explain no details how do you expect help.
 

WHI

Verified User
Joined
Sep 25, 2008
Messages
60
More of my sites where infected by iframe maleware. They didn't connect throrgh ftp there did'nt leave a trace.


Generally the infected the files are index.php, index,html, home.php.
 

WHI

Verified User
Joined
Sep 25, 2008
Messages
60
Once I realized that one of the sites was down (syntact error).
I checked the part was signed wrong, and I found an iframe in it with a reference to an other site.
I ran a search with grep on the server, and found the same at another separate user... That's happened.
The ftp log hasn't signed any connection...

I searched in google but I could not find a real solution to the problem.
 
Last edited:

Jackiegoal

Verified User
Joined
Nov 22, 2006
Messages
66
So one of your website's pages was replaced with another? That could be a sign of a PHP injection vulnerability. Did you develop the websites yourself? If you did, look up PHP injection using Google and you can see whether you have vulnerabilities in your websites.
 

WHI

Verified User
Joined
Sep 25, 2008
Messages
60
So one of your website's pages was replaced with another?
No, they put an iframe to code of my website. This site was a wordpress. This is a Cross site Scripting.
How doy you defend this attack against?
 
Top