PDA

View Full Version : possible hack ??


SaN-DeeP
September 21st, 2005, 11:31 PM
check the attachment please. saw this nasty activity of direct image downloading for almost 2 hours when i made a .hta entry and restricted entire gallery.. :confused:

i am using latest version of photopost.

SaN-DeeP
September 22nd, 2005, 12:54 AM
I have .htaaccess password protected my directories currently.
As soon as I am removing the passwords, the above downloads/intrusion gets started.

SaN-DeeP
September 22nd, 2005, 04:07 AM
bumping back again.. its quite urgent guys

Chuck S
September 22nd, 2005, 07:35 AM
There is no need to post 3 times in the AM hours within a 4.5 hour spread. When we wake up and drink our coffee we will respond ;)

If you do not have htaccess that prevents access to those files sure people can view them directly. I dont think someone's hacking you but a spider viewing your files

SaN-DeeP
September 23rd, 2005, 03:54 AM
did you meant htaacess to data and uploads area ?

Chuck S
September 23rd, 2005, 05:48 AM
Yes block hotlinking and the sorts but I dont think there is an issue with some on your site reading your files.

SaN-DeeP
September 23rd, 2005, 06:26 AM
alrite I am using this code posted here:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*techarena.in* [NC]
RewriteRule /* http://%{HTTP_HOST}/gallery/index.php [R,L]

But my gallery can be accessed 2 ways:
http://gallery.techarena.in and http://www.techarena.in/gallery/

Can you help change the above quries better way ?
Thanks again omegatron.

P.S. I removed the .htaccess password protection on my gallery, now again i see those nasty crawlers hogging around :/

Chuck S
September 23rd, 2005, 07:23 AM
ten million ways to do it

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?reeftalk.com/.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]