cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Code being added to my web pages

orogeny1
New Here ,
Jan 27, 2014 Jan 27, 2014

Copy link to clipboard

Copied

On two occasions, someone has managed to insert what appears to be malware code into one of my includes.   I won't post the actual code, but it consists of a CFHTTP tag that references an IP address, and a CFOUTPUT tag that outputs the value of the CFHTTP.   The site is not tied to a database, we only use CFINCLUDEs to simplify global edits (we're relatively new to ColdFusion).  The site is hosted by one of Adobe's recommended CF hosting services.   Any thoughts on how someone could be adding this code and what we can do to stop them?

Views

517

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 4 Replies 4
latest latest Jump to latest reply
Anit_Kumar Adobe Employee
Adobe Employee ,
Jan 27, 2014 Jan 27, 2014

Copy link to clipboard

Copied

Hello Orogeny1,

Please make sure that you have applied the lockdown guide and server is fully patched. If still there is a security concern, then please send an email to psirt@adobe.com

Regards,

Anit Kumar

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
orogeny1
New Here ,
Jan 27, 2014 Jan 27, 2014

Copy link to clipboard

Copied

In Response To Anit_Kumar

Thanks, I'm checking with the hosting service now.  I'll let you know what they say.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
CutterBl
Participant ,
Jan 27, 2014 Jan 27, 2014

Copy link to clipboard

Copied

In Response To orogeny1

This sounds like you've been the victim of a sql injection attack, or some other exploit. Make sure that you server is fully patched, that you are running your server in accordance with the Lockdown Guide, and that all of your queries are using queryparams (there is a queryparam scanner on RIAForge.org, I think)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
orogeny1
New Here ,
Jan 27, 2014 Jan 27, 2014

Copy link to clipboard

Copied

LATEST
In Response To CutterBl

Yeah.  Discovereed that we hadn't done the lockdown guide and we're in the process of doing that right now,  Hopefully this will solve the problem. 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices