Welcome,
Guest
.
Please
login
or
register
.
Did you miss your
activation email
?
News:
Elxis documentation
for users and developers.
Home
Help
Login
Register
Elxis CMS Forum
»
Support
»
Security
»
Under Attack?!
« previous
next »
Print
Pages: [
1
]
Author
Topic: Under Attack?! (Read 8725 times)
de-active
Full Member
Posts: 222
Under Attack?!
«
on:
October 13, 2009, 17:20:55 »
I believe I may be under attack
- I keep getting this message on my Elxis admin section:
Detected CSRF attack! Someone is forging your requests
So what do I do? Get in the bunker?
Just as well, it's not a production site!
Logged
CREATIVE Options
Authorized Elxis Professional
Elxis Community
Hero Member
Posts: 2334
Professional services for Elxis CMS
Re: Under Attack?!
«
Reply #1 on:
October 13, 2009, 19:19:34 »
First of all, when you type username & password, CLOSE all other websites!!
The CSRF is meaning that you MAY be under "Cross-Site Request Forgery" from other website by many way's.
SO be careful !!!
CSRF FAQ
Logged
de-active
Full Member
Posts: 222
Re: Under Attack?!
«
Reply #2 on:
October 13, 2009, 22:42:19 »
Thanks for that
Logged
aiden11
Full Member
Posts: 134
Re: Under Attack?!
«
Reply #3 on:
October 16, 2009, 22:22:42 »
My site was attacked too
now on google firefox shows as an attack site
Malicious software includes 15 exploit(s), 8 trojan(s).
Malicious software is hosted on 3 domain(s), including npanelsrv.info/, keymydomains.com/, myndomain.info/.
is there an issue with the software or something that i have to configure
Logged
ks-net
Elxis Community
Hero Member
Posts: 2072
Kostas Stathopoulos
Re: Under Attack?!
«
Reply #4 on:
October 16, 2009, 22:37:09 »
BE MORE SPECIFIC PLEASE...
YOUR ELXIS VERSION
YOUR SITE URL( write like this Mysite[dot]com we don't want to appear as link)
LIST OF YOUR EXTENSIONS.. ESPECIALLY THOSE FROM OTHER CMS(NOT ELXIS)
WHERE-HOW-WHEN AND WHAT IS HAPPEN TO YOUR SITE
********TO(HAD TO) CONFIGURE IN GENERAL******
REMOVE ALL NON-ELXIS EXTENSIONS
ENABLE DEFENDER
SETUP-SECURE YOUR PHP
CHECK SERVER-FOLDER-FILES PERMISSIONS
ENABLE ADMIN-CLOAK
read this
http://wiki.elxis.org/wiki/Category:Security
Logged
ks-net.gr
aiden11
Full Member
Posts: 134
Re: Under Attack?!
«
Reply #5 on:
October 16, 2009, 23:14:16 »
I have deleted all files on the server, do have a backup
doing a fresh install now, my site is hotelsinalbania.net and havent used any third party ext, modules or bots
Logged
Ivan Trebješanin
Elxis Team
Hero Member
Posts: 1663
Re: Under Attack?!
«
Reply #6 on:
October 16, 2009, 23:52:01 »
You didn't tell us what version of elxis?
Is your PHP secured (register globals, allow_url_fopen, shell_exec...)?
Did you browse any other site while administering your site?
Logged
I've got a snap in my finger...
Got rhythm in my walk...
benone
Jr. Member
Posts: 67
Re: Under Attack?!
«
Reply #7 on:
October 19, 2009, 03:04:53 »
Same thing happened to me twice and I would have reported the case. In fact I had to look well to be sure it was someone else reporting this issue. But in my case I was browsing another site handling links on both occasions. I'll study the situation again.
Logged
Print
Pages: [
1
]
« previous
next »
Elxis CMS Forum
»
Support
»
Security
»
Under Attack?!