Click here to Skip to main content
15,400,333 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
Hi All,
Hope you are doing well.

I've suffering from hacker attack for one of my client website.
Each and ever time anonymous user adding unwanted code and hyperlink on my website home page(default.aspx).
These hyperlinks he added bottom of my default.aspx page.Due to above code web page getting compilation error.Every day I am removing these unwanted code from the webpage on webserver.
My web site is running Medium trusted level on shared hosting web server.
It has following permission for following user:
Permission attributes
--Full control
--Modified
--Read & Execute
--List Folder Content
--Read
--Write


User Groups & names
*Administrators
 --All permissions check
*System
 --All permissions check
*FTP accounts (ftp_subaccounts)  [No permission for this user]
 --Full control uncheck
 --Modified uncheck
 --Read & Execute uncheck
 --List Folder Content uncheck
 --Read uncheck
 --Write uncheck
*Plesk IIS Anonymous Account (IUSR_sadgutn8)
 --All permissions check
*Plesk IIS Worker Process Identity Account (IWPD_2677(sadgutn8))
 --All permissions check
Plesk FTP subaccount (sadguru)
 --Permission for "List Folder Contents" check
* Plesk Domain user (sadgutn8)
 --All permissions check


Earlier it has permission for Everyone (full control) but I've removed that; also I've change all C panel and FTP account password.But still hacker continuously attack.

Can anyone please suggest me how can I prevent my website from these attacks.

Any help would much appreciate.

Following code he added recently:

XML
<a href="http://www.ebk8.com/amdc/">网上赌åš</a>
<a href="http://www.ebk8.com/qxws/">全讯�/a>
<a href="http://www.ebk8.com/zqbf/">赌çƒç½?/a>
<a href="http://www.ebk8.com/pjdc/">澳门葡京赌场</a>
<a href="http://www.ebk8.com/ssc/">时时�/a>
Posted
Updated 16-Nov-15 21:02pm
v5

The main things to look for are SQL Injection attacks, and possibly XSS, as well as other issues like weak passwords etc. Ultimately it's a massive subject, far too big for here. If you're serious then get the code scanned using a tool like HP's Fortify, and there will be others. You can also get the site penetration tested, or "pen tested", which is when a security firm runs a suite of common attacks against your site to see if they can gain access.
   
Just find yesterday post on social media, it is good explanation and maybe it will be helpful for you, just readt http://bit.ly/1lhLnHh
   
C#
Thanks for the help.
I have checked the vulnerabilities and removed all unwanted filed from the root directory and changed the all Access credentials of C Panel including FTP.
Currently site is safe.
Thanks.
Have a good day.
   
This is a very broad question.

But, start by revoking any "write" access to your users, unless they are admin and then try to secure your control panel. Unless that is someone from within, he won't be able to access it. Also, try to see who makes changes, thus "source control" is always a preferred tool in the teams. It gives you information about the user who made a change in the system. You can then catch them, if they are from within your system. Otherwise, ban their IP address.

Hackers usually try to access your website from any input field, if you do not provide them a way, they won't be able to enter. SQL Injection, cross-site forgery or scripting may also be a reason. They may try to enter an invalid field to see if that works, and invalidated data, concatenated SQL commands are very attractive to them.

https://en.wikipedia.org/wiki/SQL_injection[^]
https://en.wikipedia.org/wiki/Cross-site_scripting[^]

I recommend that you, at once, contact the system administrator and/or network administrator and ask them to solve this problem.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900