Login | Sign up | Toll-Free: 1-800-752-0455
 
 

Forum

 
Seems almost all of my Artman 1 websites are getting hacked with malware. Anyone else experiencing this?

Re: [WebFire] Artman viruses

Hi there,

We haven't had any reports of this happening.

Do you have any other software on those sites? Because some Article Manager directories have full write permissions, if someone can gain access through any other program, they can write to Article Manager directories (or any other directory with write permissions.) So, something can appear to be related to Article Manager, while actually being the fault of another script. (This actually happened to me once with an outdated version of Wordpress on an entirely different domain than where the malware actually appeared. Drat!)

If you'd like us to take a look into it for you, feel free to fill out a support request:

http://www.interactivetools.com/support/email_support_form.php
Donna

--
support@interactivetools.com

Re: [Donna] Artman viruses

Hi there,

We haven't had any reports of this happening.

Do you have any other software on those sites? Because some Article Manager directories have full write permissions, if someone can gain access through any other program, they can write to Article Manager directories (or any other directory with write permissions.) So, something can appear to be related to Article Manager, while actually being the fault of another script. (This actually happened to me once with an outdated version of Wordpress on an entirely different domain than where the malware actually appeared. Drat!)

If you'd like us to take a look into it for you, feel free to fill out a support request:

http://www.interactivetools.com/support/email_support_form.php


Hi Donna.

All 3 of my existing Artman 1 sites got the malware, and none have other software.

Re: [WebFire] Artman viruses

Definitely unusual. Feel free to fill in a support request, we can take a look. :)
Donna

--
support@interactivetools.com

Re: [WebFire] Artman viruses

>All 3 of my existing Artman 1 sites got the malware, and none have other software.

There's no known vulnerabilities with Artman 1 or 2, but if another user on your host got hacked it's possible that was the entry point and they compromised the entire server (and all the sites on it).

Go to: Setup Options > Server > Publish Dir and click "Browse...". If you are able to browse up above your web folder and into other users web folders it means your web host hasn't configured their security properly and that would be another possible reason (but not the only one).

I'd recommend checking with your host to see if any other users have had the same issue.

Hope that helps!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] Artman viruses

Thanks for the replies!

I got one cleaned up. I am fairly certain it is being exploited through the 777 permissions. I had an Artman 2 site that within weeks was being defaced, and after changing permissions it hasn't happened in over a year.

Which leads me to a question: what can I do about it? If I change permissions, they can't edit their site, which renders Artman useless.

Thanks!

Re: [WebFire] Artman viruses

Hi WebFire,

Depending on how the host is configured you may be able to lock down the permissions even more. Try these in order until you find one that works: 755, 775, 777.

If, after you've setting the lowest permissions you can that work, you still get hacked then you might want to consider a different host.

Remember that "Browse" button I mentioned before? We used to get a lot of complaints that our software was insecure because people could browse all over the server. But it wasn't us, it was web hosts that had bad security, you shouldn't be able to get into another users folder, even if the files in that folder are writable.

Hope that helps!
Dave Edis - Senior Developer
interactivetools.com