Malicious Activity POST requests

2 posts by 2 authors in: Forums > CMS Builder
Last Post: July 28, 2017

By zaba - July 26, 2017

I have noticed some disguised files scattered around my site, which has affected my site. I have managed to remove the files and restore from backup, but it keeps happening. I have noticed some POST requests in the log files that look suspicious.

One such POST request is:

"POST /cms/3rdParty/TinyMCE4/plugins/visualblocks/css/visualblocks.php HTTP/1.1"

I checked the server and deleted this file. I have no idea how it got there, as it's not supposed to be there.

I have changed permissions, used your exploit scanner, searched through the logs, and removed any non-welcome files.

I was wondering if I can create a whitelist of allowable POST files.

I just wanted to know of the files I need to whitelist for the normal functioning of cmsb.

Here is an example of the whitelist I want to add in .htaccess.

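# Whitelist POST requests: a POST to any URI not listed below is refused
<IfModule mod_rewrite.c>
# Rewrite rules are ignored unless the engine is switched on
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
# Anchor the path and escape the dot so that only /contact.php itself matches
RewriteCond %{REQUEST_URI} !^/contact\.php$ [NC]
# POSTs coming from the server itself (localhost) are exempt
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$
RewriteRule .* - [F,L]
</IfModule>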
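Before enforcing a POST whitelist like the one in the post above, the access log can show which paths actually receive POSTs. The following is an added example, not part of the original post and not CMS Builder code: it lists every POST target in Apache-style log lines, marks those missing from the allowlist, and puts `.php` targets under asset directories (the pattern of the `visualblocks.php` request) first. The sample log lines, the `ASSET_DIRS` list and the `/cms/admin.php` path are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Request part of an Apache common/combined log line: "METHOD URI PROTOCOL" STATUS
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Directory names that normally hold only static assets (assumed list, adjust per site).
ASSET_DIRS = {"css", "js", "img", "images", "fonts", "uploads"}

# Constructed sample lines; only the first path comes from the post.
SAMPLE_LOG = [
    '203.0.113.7 - - [26/Jul/2017:10:01:02 +0000] "POST /cms/3rdParty/TinyMCE4/plugins/visualblocks/css/visualblocks.php HTTP/1.1" 200 312',
    '198.51.100.4 - - [26/Jul/2017:10:02:10 +0000] "POST /contact.php HTTP/1.1" 200 1840',
    '198.51.100.4 - - [26/Jul/2017:10:02:11 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '203.0.113.7 - - [26/Jul/2017:10:03:30 +0000] "POST /cms/3rdParty/TinyMCE4/plugins/visualblocks/css/visualblocks.php HTTP/1.1" 404 210',
    '198.51.100.9 - - [26/Jul/2017:10:04:00 +0000] "POST /cms/admin.php?menu=home HTTP/1.1" 200 900',  # hypothetical path
]


def audit_posts(log_lines, allowlist):
    """Return {path: {count, statuses, allowed, script_in_asset_dir}} for every POST seen."""
    allowed = {p.lower() for p in allowlist}
    counts, statuses = Counter(), defaultdict(set)
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m or m.group("method") != "POST":
            continue
        path = m.group("uri").split("?", 1)[0]  # ignore the query string
        counts[path] += 1
        statuses[path].add(m.group("status"))
    report = {}
    for path, count in counts.items():
        lower = path.lower()
        dirs = lower.strip("/").split("/")[:-1]
        report[path] = {
            "count": count,
            "statuses": sorted(statuses[path]),  # 200 means the file existed and ran
            "allowed": lower in allowed,
            "script_in_asset_dir": lower.endswith(".php") and any(d in ASSET_DIRS for d in dirs),
        }
    return report


def suspicious(report):
    """Paths not on the allowlist, scripts inside asset directories first."""
    hits = [p for p, r in report.items() if not r["allowed"]]
    return sorted(hits, key=lambda p: (not report[p]["script_in_asset_dir"], p))


if __name__ == "__main__":
    for path in suspicious(audit_posts(SAMPLE_LOG, ["/contact.php"])):
        print(path)
```

Paths that turn out to be legitimate are added to the allowlist; whatever remains is a candidate for the scanner and for removal.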