34Ford Posted February 19, 2020 Share Posted February 19, 2020 My root index.php was deleted somehow, should I be concerned? Im running v6.1.1 Could I have been hacked? Thanks Link to comment Share on other sites More sharing options...
bsmither Posted February 19, 2020 Share Posted February 19, 2020 With CC611, it is conceivable you may have been hacked. CC6112 has a critical security update. Exploiting that vulnerability - which very possibly might exist in CC611 - could eventually lead to all manner of mayhem, including deleting files. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted February 19, 2020 Share Posted February 19, 2020 Have a look at this: Link to comment Share on other sites More sharing options...
bsmither Posted February 19, 2020 Share Posted February 19, 2020 The admin hijack vulnerability was fixed in CC607. Still, you might want to mention your issue to your hosting provider. There is the possibility of a server-wide intrusion that damaged everyone's hosted site. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted February 19, 2020 Share Posted February 19, 2020 I agree with @bsmither this isn't uncommon. A malicious bit of code can delete every index.php on the server. Link to comment Share on other sites More sharing options...
havenswift-hosting Posted February 19, 2020 Share Posted February 19, 2020 6 hours ago, bsmither said: Still, you might want to mention your issue to your hosting provider. There is the possibility of a server-wide intrusion that damaged everyone's hosted site. 6 hours ago, Al Brookbanks said: I agree with @bsmither this isn't uncommon. A malicious bit of code can delete every index.php on the server. It would be an extremely poor hosting configuration that allowed this ! An intrusion via an issue in an application could potentially delete or adjust files within that one account but it *should* never be possible to affect files in other accounts. Any hosting company that configures their servers to allow this access deserves all the hassle they will get. Link to comment Share on other sites More sharing options...
Al Brookbanks Posted February 20, 2020 Share Posted February 20, 2020 I fairly regularly see merchants with a VPS or dedicated server running cPanel that has never been upgraded. Accounts not jailed and operating systems that are years out of date. Link to comment Share on other sites More sharing options...
havenswift-hosting Posted February 20, 2020 Share Posted February 20, 2020 There is no accounting for people that dont help themselves by running out of date software Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.