PHP Security
If you are using PHP on your website we ask that you please read the following carefully.
We have noticed a significant number of PHP websites are being compromised due to vulnerable PHP code. Spammers are scanning millions of websites on the Internet looking for PHP scripts that can be exploited to send spam. When they find a script that has a loophole they send thousands of email messages through the script, often taking down the website or severely impacting website performance.
Generally these loopholes exploit code using parameters from a form being passed straight to a mail command or page include without being checked for extra characters. These problems include line feeds in email names and addresses, or including any page passed to the script.
When we find a site that is being exploited we often have to disable scripting for the whole site or at least for the compromised script (if we can identify it), this can mean unexpected downtime for your website. This problem affects all PHP websites available on the Internet, not just ones hosted by Hub Enterprise.
This issue can often be resolved by upgrading to the latest version of the script or in the case of custom scripts asking your developer to close the loophole that has been exploited.
We would ask that you carry out a security audit on your PHP scripts to ensure they are not vulnerable. If you do have any questions then please feel free to contact us.
Thank you for your assistance with this matter.
Hub Enterprise
Back