Jamit Software Forum

Jamit Job Board Customers => User-to-User Support => Topic started by: SecureAspects on April 04, 2013, 06:15:34 pm



Title: Just started to get this this morning echo " "; echo " ";
Post by: SecureAspects on April 04, 2013, 06:15:34 pm
Just started to get this this morning, "echo " "; echo " ";" it shows up when logging into the admin side and when on the summary page it is under where the refresh whould show up whne you do a refresh, any one else have this?


Title: Re: Just started to get this this morning echo " "; echo " ";
Post by: SecureAspects on April 05, 2013, 02:01:02 am
This was caused by an injection code gzinflate base64_decode, yes I was hacked, changed all my passwords and replaced all my files, looks like the mail culprit was in my language files. Hope this helps.


Title: Re: Just started to get this this morning echo " "; echo " ";
Post by: Imran on April 05, 2013, 10:00:43 am
It is good that you were able to find and fix the problem, it is important for all of us to have proper file and folder permissions.


Title: Re: Just started to get this this morning echo " "; echo " ";
Post by: pipingdesigners on April 07, 2013, 04:27:06 am
I've had several security issues over the last few months ... to the point where candidates and employees couldn't update profiles.

It always came back to .htaccess files, I seem to have hundreds of them.

Is there a guide anywhere as to exactly what security settings should be set (files and folders)?

Cheers.


Title: Re: Just started to get this this morning echo " "; echo " ";
Post by: Imran on April 07, 2013, 09:30:26 am
Normally for folders it is 755 and for files it is 644.
But if it is required to edit and it needs 777 permission you should also change the group/ownership of the file so that it is difficult for others to write except the intended script.
Or you can even try 666 for files if it is needed to make them writable.