[TYPO3-english] TYPO3 security levitra
Steffen Gebert
steffen.gebert at typo3.org
Sun Jun 5 20:50:55 CEST 2011
Hi Michal,
On 05.06.11 20:33, michal_cygankiewicz at interia.pl wrote:
> Recently my site is indexed not properly in Google. It looks as it has been hacked. Please type "site:siatkowka.net" in Google. However it looks properly when browsing in browser. TYPO3 version is 4.5.3. This site is hosted on dedicated server with one another TYPO3 installation, which is running properly. I sccanned my server in search for viruses.
You're not the first one mentioning this (however I currently only know
a german blog posts about this). As to our knowledge, none of those
hacked sites was hacked using an unknown TYPO3 core or (public)
extension vulnerabilty. All site owners, which were able to provide
details, identified other weaknesses (custom TYPO3 extension, weak FTP
passwords, hacked other PHP software, etc).
As pointed out by Olivier, detailed information about the attack should
not be presented in public. Please provide as much feedback as possible
(used TYPO3 version, used extensions+versions, access logs (if
possible), etc.) to the security team: security (AT) typo3 (DOT) org.
Thanks
Kind regards
Steffen
--
Steffen Gebert
TYPO3 v4 Core Team Member
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
More information about the TYPO3-english
mailing list