| « A google search for Yahoo Counter Starts code | Yahoo Counter injected code mysql database fix (from MikeB12) » |
So far so good
This is from http://blog.kansaslife.net encase you have found bits and pieces of this blog on cached and no longer working pages floating around the internet. (im seeing a lot of them lately)
Just a small update. I still haven't talked to anyone that knows for sure how this injected code got in to our directorys, or databases (on the web servers). Just be sure to change your FTP passwords and stay on your host (especially IX webhosting) until this thing passes.
Another small note, i found this injected code in about 75 of my plain HTML pages on my server (which was most of them). I checked my permissions on the directory's and files and they were all ok so that was not the point of entry as far as mine goes.
Iv been checking daily for more injected code but since i started with a fresh database and files, and changed my FTP passwords and yelled at IX webhosting repeatedly about this, i haven't seen any. Also something to be aware of, if you use your Cpanel to access webshell, phpMyAdmin etc, at least with IX webhosting you get a warning that though the connection is encrypted, that the info your getting ready to send is not encrypted and that it can be easily read by a 3rd party. This obviously could be a way for someone to capture your passwords so beware if that's how your control panel works.
XML Feeds
