Thanks. I'll look into

Dami — Fri, 04 Jan 2008 22:36:23 +0000

Thanks. I'll look into that.

Personally I use a PHP

JeevesBond — Fri, 04 Jan 2008 22:09:14 +0000

Personally I use a PHP script, that I've checked the security of myself.

I've used NMS Formmail successfully before though.

Okay, so what do you

Dami — Fri, 04 Jan 2008 21:22:48 +0000

Okay, so what do you recommend for forms mailing? I only have a portion of my site set up for php, so I'm not ready to use one in php. Any suggestions?

Quote: Matt Wright's

JeevesBond — Fri, 04 Jan 2008 20:56:07 +0000

Quote: Matt Wright's formmail.cgi

This is the most likely to cause problems. If it doesn't even work, just delete it, it's an insecure script.

As for PHP and MySQL, have you written any scripts in PHP? If you haven't written any scripts, it's unlikely to be an avenue of attack.

Greg, then how can you stop

Dami — Fri, 04 Jan 2008 19:20:18 +0000

Greg, then how can you stop it? That seems incredible it can happen.

I don't even know where to start looking or what to look for. I have javascripts I wrote, Matt Wright's formmail.cgi (it doesn't work though--don't know how to fix that, either.) and a small mysql db and some php to go with it. Anything there that might be the culprit?

check back OFTEN if this

Greg K — Fri, 04 Jan 2008 19:04:33 +0000

check back OFTEN if this happened even once.

Our company switched to a "cheap" hosting company, and the servers are set that any scripts you have run as your own username, therefore can rewrite any pages you upload. Well the person who set this up installed some script somewhere that will nightly rewrite our index.html pages to include two hidden IFRAMES.

Even after changing login info and reuploading the index.html files, later that night (file modification times vary, but are in the evenings after we are closed) they are re-modified.

The funny thing is on the server, from a real brief look, didn't see any scripts, however as it can write to anywhere our user can write to, many places to look yet....

-Greg