I woke up on thanksgiving morning to find my server hacked through a hole left by a file upload area of my site. I restored the backup and placed a few blocks in place on the server, so they can get in, but they can't get out.... ;)
What I am interested in finding out is what the best way is to make sure that I can rework the upload area to allow upload and download from it while keeping script kiddies from exploiting it again. I can post the scripts (if you are interested in pulling them apart or such) as I have accumulated 3 different versions now, but I am wondering what you guys use currently as "standard" PHP security and still do file parsing and such. Thanks, Wolf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
