Announcement

Collapse
No announcement yet.

Hacked sites and Filezilla

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Hacked sites and Filezilla

    I've just been chatting to support about a number of domains on one of my VPSs that have been hacked. The support person recommended not using Filezilla.

    I've done a quick check and can't find and major horror stories other than the fact that FZ apparently stores passwords in plain text in an XML file. I work alone and from home so this isn't really a problem for me.

    Are there any other issues I should be aware of?

    Incidentally, support could offer no explanation as to how these domains had been hacked. My client does, despite my warnings, insist on using Front Page which I suspect may be a factor.
    black-dog
    4theweb.co.uk Web stuff
    slipperyhill.co.uk Band

  • #2
    Hi Black-dog,

    I have used Filezilla for many years; mainly across many Windows machines of both the client and server platform and I've never encountered any issues.

    I'm strongly liaised with the lead developer of Filezilla, and have been for a while and I'm positive that there aren't any flaws out with the latest release of Filezilla.

    There was an issue a while back with FP if I can recall it correctly. I'm unsure of the specifics but a quick forum search of Frontpage could bring it up.
    Webhosting.UK.com || cPanel VPS Hosting || Reseller Hosting

    Sales: 0808-262-0855
    Support: 0800-612-8725
    International: +44 191 303 8191

    Comment


    • #3
      Originally posted by Dan View Post
      Hi Black-dog,

      I have used Filezilla for many years; mainly across many Windows machines of both the client and server platform and I've never encountered any issues.

      I'm strongly liaised with the lead developer of Filezilla, and have been for a while and I'm positive that there aren't any flaws out with the latest release of Filezilla.

      There was an issue a while back with FP if I can recall it correctly. I'm unsure of the specifics but a quick forum search of Frontpage could bring it up.
      That's good because I like it as an ftp client. I'm more inclined to believe (hope) the issue is with Front Page. On my other VPS I have had FP extensions removed.
      black-dog
      4theweb.co.uk Web stuff
      slipperyhill.co.uk Band

      Comment


      • #4
        Filezilla is a really good FTP program and it is routinely upgraded as new changes are made. Sometimes if sites get hacked this can be down to poor password choices, and bad programming (especially if someone is using database connections within their sites) and the software or programming is a bit lapsed and leaves backdoors in

        Hacking can be defined in different ways - so what do you mean by hacked?
        Web Design Services

        Comment


        • #5
          Originally posted by MrTWS View Post
          Filezilla is a really good FTP program and it is routinely upgraded as new changes are made. Sometimes if sites get hacked this can be down to poor password choices, and bad programming (especially if someone is using database connections within their sites) and the software or programming is a bit lapsed and leaves backdoors in

          Hacking can be defined in different ways - so what do you mean by hacked?
          In this case, seeded with a load of hidden links.

          The advice not to use Filezilla came from Alan V on WHUK support chat.
          black-dog
          4theweb.co.uk Web stuff
          slipperyhill.co.uk Band

          Comment


          • #6
            Well in my opinion, the two FTP programs that come preinstalled with cPanel are more likely to have flaws than Filezilla.

            I'm not sure where Alan got his sources from?
            Webhosting.UK.com || cPanel VPS Hosting || Reseller Hosting

            Sales: 0808-262-0855
            Support: 0800-612-8725
            International: +44 191 303 8191

            Comment


            • #7
              Originally posted by black-dog View Post
              In this case, seeded with a load of hidden links
              And does it use a database or a forum software, or some other method of user input?
              Web Design Services

              Comment


              • #8
                Originally posted by MrTWS View Post
                And does it use a database or a forum software, or some other method of user input?

                A number of sites on the same VPS were affected. No forums, but some scripting (written by me)
                black-dog
                4theweb.co.uk Web stuff
                slipperyhill.co.uk Band

                Comment


                • #9
                  I hope you don't mind me saying then (and please excuse me for saying) but if your scripting is flawed or leaves vulnerabilities then that might be the problem. I only say that because some sites that get "hacked" do so through some weak scripts or insecure programming

                  Obviously not being a hacker myself I don't know how these loopholes work, but I know they must exist if someone or some people have broken your sites. Check all your scripting again and make sure that everything is airtight. If you want to PM me some details - like the site name, or what scripting you have done, I can run through it with you too (a fresh pair of eyes can help)
                  Web Design Services

                  Comment


                  • #10
                    Originally posted by MrTWS View Post
                    I hope you don't mind me saying then (and please excuse me for saying) but if your scripting is flawed or leaves vulnerabilities then that might be the problem. I only say that because some sites that get "hacked" do so through some weak scripts or insecure programming

                    Obviously not being a hacker myself I don't know how these loopholes work, but I know they must exist if someone or some people have broken your sites. Check all your scripting again and make sure that everything is airtight. If you want to PM me some details - like the site name, or what scripting you have done, I can run through it with you too (a fresh pair of eyes can help)
                    I don't think the problem lies with my scripting though thanks for the offer of help. The site in question has an online registration system and a number of submission forms. There will eventually be an upload facility (always a problem area) but that is not in place yet. I'm more inclined to believe that this is another Front Page exploit.
                    black-dog
                    4theweb.co.uk Web stuff
                    slipperyhill.co.uk Band

                    Comment


                    • #11
                      Fair enough black-dog as I say if you want a hand (even though I'm not that smart) I'll be happy to do that. Good luck with the issue though and I hope you did not take umbrage at me suggesting it was an error on your part - only a possibility as I know too I've made errors too myself and it is not till someone points it out, that you even realise there is a problem

                      Best wishes
                      MrTWS
                      Web Design Services

                      Comment


                      • #12
                        Sorry to jump in on this thread but just thought I would say that my forum was hacked but don't know if it is on the same server as you. So forums have been hacked.

                        Chat apparently sorted it last night (thanks Martin) by rolling to a backup but I have not had chance to check anything yet.

                        He said it was something about permissions but I don't understand those. He said he had fixed them too but guess I will only know if they are right if I get hacked again or I can't get on my site.

                        I use frontpage because I am not a qualified webdesigners - I am just a crafter with a website. I don't understand all the bits I just use them. I would have hoped that the hosting here was secure enough for this not to happen - obviously not.

                        Can anyone explain further what has happened?

                        Comment


                        • #13
                          Originally posted by Cassie View Post
                          Sorry to jump in on this thread but just thought I would say that my forum was hacked but don't know if it is on the same server as you. So forums have been hacked.
                          This isn't anything to do with forums. In fact there isn't a forum on the site.

                          Originally posted by Cassie View Post
                          He said it was something about permissions but I don't understand those. He said he had fixed them too but guess I will only know if they are right if I get hacked again or I can't get on my site.
                          Permissions being set correctly won't help if someone can use ftp, as in my case.

                          Originally posted by Cassie View Post
                          I use frontpage because I am not a qualified webdesigners - I am just a crafter with a website. I don't understand all the bits I just use them. I would have hoped that the hosting here was secure enough for this not to happen - obviously not.

                          Can anyone explain further what has happened?
                          There are known security issues with FrontPage and I have told my client this on many occasions. And M$, bless their little cotton socks, have dumped it. What does that tell you?

                          If you are on a Windows server you should be ok for a while. If on Linux you'll have to accept that you use FP at your own risk.



                          Yes I feel sorry for people like you and my client who have invested time and money in this product but perhaps this will give you some idea why M$ is despised by so many people.
                          black-dog
                          4theweb.co.uk Web stuff
                          slipperyhill.co.uk Band

                          Comment


                          • #14
                            I only said about the forum because one of the posts said NO forums had been affected.

                            I don't need your pity - I have since found out it was nothing to do with Frontpage.

                            Martin said he had fixed the site but when I checked there was still 2 directories in there that had the hackers information in it. They have now been deleted properly.

                            All passwords were strong but have been changed to be stronger.

                            Comment


                            • #15
                              Please keep the hastiness to a minimum.
                              Webhosting.UK.com || cPanel VPS Hosting || Reseller Hosting

                              Sales: 0808-262-0855
                              Support: 0800-612-8725
                              International: +44 191 303 8191

                              Comment

                              Working...
                              X