We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
MODX Community Forums Archive

Website Hacked with PayPal Phishing Site

    • 5014
    • 1 Posts
    cheets Reply #1, 14 years, 10 months ago
    We had a website developed for us by an external company then placed on a shared web hosting solution with 1and1 which got hacked yesterday. It seems someone had exploited ./assets/snippets/reflect/snippet.reflect.php to run some malicious code which created a PayPal Phishing site on our server. To 1and1’s and PayPals credit they both notified us of the intrusion pretty quickly and disabled the suspect files.

    I’ve read a lot about Register Globals having to be set to ’Off’ which was definately the case, so how else could the site be jeapordised?

    My knowledge of PHP is extremely limited and unfortunately we cannot contact the original developers any more.

    Any pointers in the right direction would be gratefully received.
      • 16183
      • 1,390 Posts
      kongondo Reply #2, 14 years, 10 months ago
      This seems like it is related to this issue here http://modxcms.com/forums/index.php/topic,30875.msg222126.html#new that was reported last year and a fix provided.

      I would suggest you subscribe to security updates, upgrade to the latest modx when they are released in addition to other normal safeguards

      cheers/k
        Wayfinder Lessons: The (almost) Complete Guide to Creating Menus in MODx Using Wayfinder