On 19 Sep 2013, at 13:58, "Design in Motion Webdesign" <i...@designinmotion.be>
wrote:
> it has nothing to do with ".php" in the file name. What the hacker did, was
> uploading a .gif file with some malicious php code included to your
> webserver. Then he called the .gif file from his own website by using a php
> script containing some code like
> require_once('http://www.yoursite.com/images/yourimage.gif'). At that moment
> the php code inside the .gif file has been executed.
In possibly the most pointless way ever! In that scenario the script would be
executed on the "hacker"'s server (assuming Apache is set up correctly), so
there's no point in her managing to put it on your server at all!
Arno: If you can request that file using a web browser, and it gets executed as
PHP on your server then there is an error in the Apache configuration.
Easy test: create a file in a text editor containing some PHP (<?php phpinfo();
?> would be enough) and upload it to the www root of your site and name it
test.pgif. Then hit http://www.yourdomain.com/test.pgif in your browser. If you
see the PHP code or an error then you're fine. If you see PHP's info page then
you need to change web host as quickly as possible. I don't care if they fix it
- the fact their server was configured to do this by default is enough for me
to never trust them again.
-Stuart
--
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
