[Novalug] php vulnerability is affecting my web pages at remote host

Bonnie Dalzell bdalzell@qis.net
Tue May 15 13:45:58 EDT 2012


thanks

the google warning page seems to say it directs you to some place you do 
not want to go to

however what is driving me nuts it trying to figure out how to get it to 
STOP being inserted into my web pages (i have alot of sites as subsites on 
the remote server).

it is only being inserted into the index.html pages(and a different one is 
being inserted into the index.php pages) but it shows up in index.html 
page in any subdirectory.

so i spent hours yesterday getting each page to my local computer, editing 
it and sending it back clean. within 4 or five hours the pages were 
reinfected.

so this AM I went to the remote site and turned php OFF for all the 
subsites. i also backed up my dokuwiki blog and my two wordpress blogs to 
the local computer and deleted the wiki installations on in my sites on 
the remote computer

fortunately i do not really need php for most of my web presence and it 
it probably just as easy for me to make my blog essays into web pages.

for my sites i also made all the files read only.

i am waiting to see if that stops the reinfection

i have not had a successful conversation with the tech support at the 
remote IHP yet. I think they are very very busy dur to this.

strangely the three sites using server side includes and index.shtml pages 
have not been hit.

advice and sugestion are really welcome


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                        Bonnie Dalzell, MA
mail:PO box 9767 Baldwin, MD, USA 21013  |  EMAIL:bdalzell@qis.net
shipping adddress:5100 Hydes Rd 21082 (Hydes Post Office closed Jan 2012)
Freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.
HOME www.batw.net    ART bdalzellart.batw.net  BUSINESS www.boardingatwedge.com




More information about the Novalug mailing list