Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest stationmaster buy cloud host technology Hall
Users and webmaster:
2009 year January 8 11 o'clock 38 points, we received some of the webmaster reflects their own forum suddenly inaccessible, and the page shows "hacked by ring04h, ethically for fun!" Words。 For the majority of users, we immediately organize technical personnel to the Forum procedures for security screening, and all the results show that the program has no problems. At the same time, we noticed that the site customer.discuz.net domain name was hijacked, pointing to an unknown server (203.86.236.236).
Customer site is discuz! An emergency interface for sending forum patches and security patch notifications. Hackers first took advantage of the discuz.net of the domain Name Service provider's vulnerability, landed and modified the customer's domain name address, and wrote a section of the attack code in advance stored on a server. In this period, if the webmaster login to enter the forum back home, because the forum notify the server's domain name was hijacked to the new server, so that the attack code to achieve the operation and imitate the identity of the webmaster, submitted and modified the forum's SEO settings. So that the forum can not be normal access, the formation of a domain name hijacking can not be accessed phenomenon.
In this connection, we quickly contacted the domain Name service provider, the domain name address was amended as soon as possible. At 12:15 Noon, we released a contingency correction solution to avoid the proliferation of domain name hijacking events on a larger scale.
for forums that use discuz!, if a webmaster accesses the background within that time period (about one hours), it will likely cause a domain name hijacking to be modified by an attacker, and results in an inaccessible and illegal attack on the page, however, the attack is currently determined to not involve data affecting the forum.
Currently, the affected site can choose to directly access the background management program admincp.php, and then modify the forum's SEO settings. At the same time, the official forum has released the solution package Http://www.discuz.Net/thread-1183991-1-1.html.
   &NBSP
manually modify the method. discuz! Background related SEO settings were inserted into <script>function init () {document.write (' hacked by ring04h, ethically for fun! '); Window.onload = Init;</script>
Domain name is Internet Basic Service, this security problem is caused by domain name hijacking, discuz! Each version of the software code in the security is not a problem, so discuz! There are no new patches released by the authorities other than the release of recovery methods and recovery tools.
For this incident, we consider it a serious, malicious and aggressive act that has gone beyond the moral and professional integrity of a person engaged in security technology. In this respect, we reserve all the information which may become the proof of crime, and transfer to the judicial Department for processing!
Sing
January 8, 2009
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
