Is there anything we could do to retrieve them?
Any help would be welcome.
For a glimpse of the problem visit: http://cjs072.upf.es/moodle
Also make sure that your database is running, if it is not Moodle would give the same error.
If it is crackers that got into your site, you would have to use backups to recreate your site. It is important to make sure that you protect the password of the root user in MySQL. Also make sure that only the root and moodle users have drop, modify and access permissions on the moodle database -- do not give this password to anybody. Also check the permissions on your moodle directory!
Not much help, I know, but I have a feeling that it is a problem with MySQL, I do not think that you have been Cracked (Hackers are guru Unix/Linux/GNU/BSD/php/etc/etc/etc developers). Crackers tend to deface a site, rather than destroy it. How else would they be able to claim fame from their deeds?
Riaan
</sheepish>
The best advice I can give you is to talk to the person administrating the webserver that you use to host your Moodle site. Ask him to restrict the permissions to your data directory and the moodle directory so that only the Apache daemon has access to the files in those directories.
Then also make sure that you keep your database password secure. Do not give it to anyone you do not trust completely.
I hope you get your site up and running very soon.
Riaan
I entered http://cjs072.upf.es/ and was presented with the entire structure of your site including the moodle folder **and** phpMyAdmin!! I then entered phpMyAdmin without entering any password and could directly inspect the tables.
Now there is still a set of moodle tables there called "helene" but there is no longer one called 'moodle' or whatever you had named it.
To prevent this in the future, there are at least two things you must do:
1) password protect your MySQL database
2) create a document called "index.html" at the highest level of your site so that the bare directory structure is not shown. The URL for this file would be:
http://cjs072.upf.es/index.html
Even a trespasser could damage your site severe ..., no cracker needed
Francesc,
You can create an .htaccess file that you upload to your public or root web directory that will disable others from viewing any directory content. Here's the procedure:
Create the .htaccess
Warning: If you are using FrontPage to publish your site and have the FrontPage extension turned ON, turn it OFF. Leaving it turned ON might corrupt your FrontPage Extensions. Use at your own risk. If you don't use FrontPage then you will be fine.
- Open Notepad (or equivalent software depending on your OS. If you are using Notepad remember to disable the Word Wrap before proceeding - Format Menu) and paste the required text.
- You only need to type one line in this file to prevent others from listing your directory contents:
- IndexIgnore*
- Save the file as .htaccess (the .txt extension will be appended).
Uploading the .htaccess file
- Upload the .htaccess.txt file via FTP in ASCII mode and place in the htdocs folder (or as requested by the tutorials).
- After uploaded (right) click on this file (server copy) and choose rename.
- Edit the file name, so that it will be .htaccess (without the .txt extension).
- Now make sure to test the .htaccess.
Note: The same procedure is applied to create an .htpasswd
Covers Head >>>> Closes Eyes >>>> and asks, do you have a backup of your database? If so you may be in luck, if not, then I don't know what you can do. Is the moodle database there at all? I mean have you gone into the server and given the command SHOW DATABASES?
If it is gone totally, then you will have to rebuild from a backup or scratch. Gee this stinks, why do some have to do this kind of thing, I have no idea, it truly does not show how great you are to hack a web server, yet some feel they need to do this kind of thing I guess. At any rate, yes you need something at your top level as already noted and you need to turn off directory browsing. An htaccess file will slow them down but they still can get around that if they really want your moodle site. At any rate, let me know if I can help in any way.
By making apache in my site display a directory listing, I have found that clicking on or 'saving target' for any .php file always interprets the php file, so protecting php code and passwords, which is some relief.
I assume this would break if php ever broke, like if you were re-installing the web server and messed up the php, as I have done!
Does anyone know:
- How to guarantee that the directory listing is never shown to a user? Is having an index.html file enough? (I know that this is a single tick box in IIS, can't find anything so global in apache)
- If there is any search software/site caching etc, that can be used to download unprocessed .php files
IndexIgnore* gave error message
IndexIgnore * worked
On apache .htaccess advice, I then placed it in httpd.conf, as, for example
<Directory "C:\wdrive\wwwrootapache">
IndexIgnore *
</Directory>
as I found that htaccess files slow things too much, and I have the access to httpd.conf
and yes, my editor (Programmer's file editor) does create backups with $$$ extensions, so now I know.
Thanks for advice, Andy D
<Directory /usr/local/httpd/htdocs>
Options Indexes FollowSymLinks
</Directory>
Remove "Indexes"
Save
Restart web services
Test!
Hope this helps
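
An added example, not part of any post in this thread: a small Python audit of the two directives discussed above, Options Indexes and IndexIgnore *, reporting for each <Directory> block whether listing is enabled, disabled, inherited from a parent, or only hidden. The sample config, the function names and the two /srv/www paths are constructed for illustration.

```python
import re

# Constructed sample: the first block is the httpd.conf excerpt quoted in the
# thread; the other two paths are hypothetical.
SAMPLE_CONF = """\
<Directory /usr/local/httpd/htdocs>
Options Indexes FollowSymLinks
</Directory>
<Directory "/srv/www/hidden">
IndexIgnore *
</Directory>
<Directory "/srv/www/moodle">
Options -Indexes +FollowSymLinks
</Directory>
"""

OPEN = re.compile(r'<Directory\s+"?([^">]+)"?\s*>', re.I)

def indexes_state(tokens, state):
    """Fold one Options line into state: True=on, False=off, None=inherited."""
    bare = [t.lower() for t in tokens if t[0] not in "+-"]
    if bare:  # an unprefixed list replaces the inherited options outright
        state = "indexes" in bare or "all" in bare
    signed = [t[0] == "+" for t in tokens if t.lower() in ("+indexes", "-indexes")]
    return signed[-1] if signed else state

def audit(conf_text):
    """Return one (path, finding) pair per <Directory> block."""
    findings, path, state, ignore_all = [], None, None, False
    for raw in conf_text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        opened = OPEN.match(raw.strip())
        key = words[0].lower() if path else None  # skip directives outside a block
        if opened:
            path, state, ignore_all = opened.group(1), None, False
        elif key == "</directory>":
            finding = {True: "enabled", False: "disabled"}.get(
                state, "hides-only" if ignore_all else "inherited")
            findings.append((path, finding))
            path = None
        elif key == "options":
            state = indexes_state(words[1:], state)
        elif key == "indexignore" and "*" in words[1:]:
            ignore_all = True
    return findings

for path, finding in audit(SAMPLE_CONF):
    print(f"{finding:10} {path}")
```

A block reported as hides-only still has listing switched on if Indexes is inherited from a parent, and its files remain reachable by direct URL. Only removing Indexes, or setting Options -Indexes, turns the listing off.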