Support ⇒ Security ⇒ [solved] Has My Site Been Hacked? ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexSecurity

[solved] Has My Site Been Hacked? Reply to topic


Hello Everyone,

I'm new to the Forum... because my installation and use of Dragonfly CMS went so smoothly, that I haven't had any real issues... until now... Shocked

On August 14th, when I visited my website... I received a Trojan Alert message from Windows Live OneCare. I've attached a screenshot of the alert, below.

Now I'm wondering if my site's been hacked and a Trojan has been embedded? I've looked through the source code and couldn't find any unusual scripts... but I'm not even sure where I should be looking? Confused

So I guess these are my questions:

1 - Is it possible for someone to hack Dragonfly CMS and embed a Trojan in my website?

2 - If so... is there any way to find the area that was hacked and fix it?

3 - Are there any security measures I can take to keep my site from being hacked again?

I'm going to provide a link to my site... but you should only click on the link, if you have security software that will detect and remove a Trojan (as I do).

If anyone could take a look at my site and let me know what they can find, I'd appreciate your help:

aceoaddix.com/

Thanks so much! Very Happy
Attachment: trojanalert.jpg
Description Here's an image of the Trojan Alert message I'm getting at my website.
Filesize 61.81 KiB
Viewed 9 Time(s)
You are not allowed to view/download this attachment

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Debian OS / Apache ? / MySQL 5.0.83 / PHP 5.2.12 / Dragonfly CMS 9.2.1


1. Yes it is possable but highly unlikely. If you did get hacked 9 times out of 10 they found a weak spot on your server.
2. Search your logs all of them. For now tho i would recommend uploading a clean copy of all your files over writing the current ones.
3. Yes, but first need to find out what the problem is to figure out what needs to be done to secure it.


I dont see a screenshot?

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Multiple Setups


"On August 14th" and you register/report now ... take your time mate Wink

Anyway, unless you run your own modules or 3rd party untrusted modules, the only way to hack your website is from inside your server.

.:: I met php the 03 December 2003 :: Unforgettable day! ::.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
CloudLinux / Apache 2.4 LSAPI / MySQLi 5.6 / PHP 5.6 / DCVS


I attached a JPEG of the screenshot, but the attachment isn't showing in my first post... Confused

So here it is again:



However... I have a Co-Admin, who has more experience with DF... and she seems to have fixed the issue. Very Happy

When I find out what happened and how she fixed it, I'll share the info here and see what you guys think.

Thanks for your help! Very Happy

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Debian OS / Apache ? / MySQL 5.0.83 / PHP 5.2.12 / Dragonfly CMS 9.2.1


OK... looks like the free plugboard that I was using from PlugMe.net was generating the Trojan alert.

I've been using that service for almost a year, with no problems... they must have just changed the script or maybe it's a new glitch with OneCare... Confused

Either way... I switched to a plug script from Plugboard.org and the Trojan warnings are gone.

Thanks for your help! Very Happy

~ Wendy

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Debian OS / Apache ? / MySQL 5.0.83 / PHP 5.2.12 / Dragonfly CMS 9.2.1

All times are UTC


Jump to: