http://phpsecurity.readthedocs.org/en/latest/Injection-Attacks.html I suspect most of these are code injection, like file inclusion. I think some basics like file/directory write permissions checks would go a long way. Found this informative too (on Cross-Site Scripting (XSS): http://phpsecurity.readthedocs.org/en/latest/Cross-Site-Scripting-%28XSS%29.... On Wed, Feb 11, 2015 at 10:53 PM, Makhanu Sinja <jeysinja@gmail.com> wrote:
Big Sigh! Wordpress sites I have designed are running smoothly
On 2/11/15, Samuel Waithaka via skunkworks <skunkworks@lists.my.co.ke> wrote:
Another website [that I know] was hacked today. Someone shared this:
http://www.pcworld.com/article/2458080/thousands-of-sites-compromised-throug...
On Tue, Feb 10, 2015 at 8:38 AM, Samuel Waithaka <samwaithaka@gmail.com> wrote:
Seems Kenya Rural Roads Authority - KeRRA are not aware that they've
been
hacked:
I don't think code those hackers put up is infected though - at least not yet..
-- Samuel Waithaka http://twitter.com/samwaithaka
-- Samuel Waithaka http://twitter.com/samwaithaka
-- -- Kind Regards. *Makhanu Sinja.* +254 (0) 72168 0868 || Email me <jeysinja@gmail.com> || @iMakhs <http://www.twitter.com/iMakhs>
*I do know everything, just not all at once. It's a virtual memory problem.*
-- Samuel Waithaka http://twitter.com/samwaithaka