Tag: sql injection attack

Cleaning up and Preventing HTTP Injection Attacks

I recently had the (undesired) opportunity to learn about HTTP and SQL injection attacks. It took a great deal of effort to diagnose and clean up, but hopefully what I learned from the experience may help you prevent these attacks on your own site or clean up after such an attack.

I first found out my site had been compromised because one of the subdomains started displaying “403” errors (permission denied) and one of the users notified me that the site could no longer be reached. At this time, the rest of the site seemed fine, so I had not noticed anything was wrong with it myself.

On examining the subdomain files, it turned out that the .htaccess file had some new directives written into it, which had the effect of blocking all access to the site. When I further examined the file, it appeared that the actual intent had been to redirect only the users that arrived at the site through a search engine, while allowing direct visitors to see the site as usual.

Continue reading