Submitted by fuzzie on Sun, 05/10/2009 - 00:46
Some one from .ru keeps injecting a script on my index.php pages.
I don't know how they are getting in.
I have totally stopped ftp.
They keep injecting it.
It is obfuscated script, but I changed it to alert() so you can see it here:
http://eddingtonpres.wcv.us/
This is the code injected:
I want to block everything from .ru from my server. Is that possible?
How do I tell how they are getting in?
Status:
Closed (fixed)