SOLVED Fluent - body.yaml updated by nefarious party
-
-
- Barbara
- Newbie
- Posts: 12
- Thanks: 1
-
One of my clients got hacked. As far as I can tell, it was rudimentary. They added a call to a remote script to the custom body.yaml file:
body_bottom: '##script code##'
Of course, there could be other changes that I couldn't find.
I don't know how they got access to do this. I don't think it was brute force. I do see several login attempts, but the Manage Users screen shows no one logging in on the day the file was modified.
Any suggestion on how to determine how they got in?
Regardless, I thought I'd let you know, in case there's some vulnerability in the template or Gantry. Like I said, I have no idea how to assess that, but I trust that your team does.
Thanks.
-
-
-
- MrT
- Preeminent Rocketeer
- Posts: 101084
- Thanks: 13481
- Web Designer/Developer
-
Please note that by answering your own post you take yourself out of the MODS "unanswered posts" queue and therefore might have to wait longer for a response - it's better to edit your original post so this does not happen.
Do you have a security product installed? (e.g. for Joomla that would be Akeeba Admin Tools Pro or RSFirewall or SUCURI). If not you really should have one installed. Also make sure everything is up to date on latest versions. We have no know security flaws in any of our products.
Regards, Mark. -
The following users have thanked you: Barbara
- Please search forums before posting. Please make sure your post includes the version of the CMS you are using and a link to the problem. Annotations on screenshots can also be helpful to explain problems/goals. Please use the "secure" tab for confidential information.
-
Time to create page: 0.039 seconds