The <iFrame Web Site Attack

On 6 April 2008, this site, when it was on another hosting service, was attacked and an <iFrame tag appended to every php and html file on the site. The <iFrame tag pointed back to the following domains:


The attack was apparently perpetrated because two php.ini parameters were left that allow exploits:
allow_url_fopen = on
register_globals = on

These settings have now been changed to OFF.
Continue reading “The <iFrame Web Site Attack”