Site getting hacked several times daily

iPhonefreak · Apr 3, 2013

Hi, my site is getting hacked several times daily and nobody knows how to stop him. We don't know how he's getting in. He's injected an I-47 shell and we got that out but he keeps coming back. We need a way to stop him. Thanks!

Infopro · Apr 3, 2013

You really should be speaking to your Hosting Provider about this. You give no details here and we have no way of knowing anything about your site, server, or security here on these forums.

iPhonefreak · Apr 3, 2013

I have, and they do not know either.

Apache version2.2.23
MySQL version 5.1.67-rel14.3-log
PHP version 5.3.21
Perl version 5.8.8
Operating System linux
Kernel version 3.2.38-grsec
cPanel Version 11.32.5.15

My site is promotiontime.net

robb3369 · Apr 4, 2013

Look at your server and FTP logs, they will be in your "access-logs" directory. You can see these in both your FTP client or in cPanel.

hgrg · Apr 4, 2013

check out Exploit Database Search

quizknows · Apr 4, 2013

It's probably not FTP. there's probably another shell. You need to take the time stamps of the affected file and search for those times in the apache access logs. See my post here:

http://forums.cpanel.net/f185/found-php-shells-how-were-they-uploaded-333481.html#post1353692

Thread starter	Similar threads	Forum	Replies	Date
G	After running Auto SSL, my website still display "Not Secure"	Security	2	Aug 27, 2020
	WordPress sites getting compromised and Malware	Security	4	Aug 29, 2018
J	Site keeps on getting hacked - infected files	Security	6	Mar 15, 2018
J	Site without SSL getting redirected to a site with one	Security	2	Feb 1, 2014
A	Site getting hacked everyday	Security	10	Sep 29, 2010

Search

Search

Site getting hacked several times daily

iPhonefreak

Registered

Infopro

Well-Known Member

iPhonefreak

Registered

robb3369

Well-Known Member

hgrg

Well-Known Member

quizknows

Well-Known Member