WampServer
Apache, PHP, MySQL
on Windows
Attackes on my WAMP SERVER
Posted by:
datalogy
(117.198.87.---)
Date: June 19, 2017 06:17PM
Hello there,
Someone is uploading some malicious files remotely on my wamp server. Investigation on our side reveal that this encrypted file is sending bulk emails and causing mysql to hang (but not sure). Restart of WAMP is needed in order to restore it but its happening on daily basis at our night times and attacked is using random IP addresses so no way to block it. I delete such files and it runs good for couple of days and then it all starts again and again.
What could be the reason and how someone is able to upload files in different directories inside WWW folder of WAMP without any authorize access?
I wish I could upload file here but there isn't option to upload file. Any help will be highly appreciated.
Thank you
Edited 1 time(s). Last edit at 06/19/2017 06:18PM by datalogy.
Someone is uploading some malicious files remotely on my wamp server. Investigation on our side reveal that this encrypted file is sending bulk emails and causing mysql to hang (but not sure). Restart of WAMP is needed in order to restore it but its happening on daily basis at our night times and attacked is using random IP addresses so no way to block it. I delete such files and it runs good for couple of days and then it all starts again and again.
What could be the reason and how someone is able to upload files in different directories inside WWW folder of WAMP without any authorize access?
I wish I could upload file here but there isn't option to upload file. Any help will be highly appreciated.
Thank you
Edited 1 time(s). Last edit at 06/19/2017 06:18PM by datalogy.
Re: Attackes on my WAMP SERVER
Posted by:
RiggsFolly
(Moderator)
Date: June 19, 2017 06:22PM
WAMPServer is primarily a Developer tool. Designed to be a standalone wamp stack.
It can be used to host sites live on the internet but this is only suggested if you have the relevant knowledge to correctly secure Apache in that environment.
Otherwise I suggest you purchase a hosting package, where they have proffessional that know their business to undertake the hardening of Apache against external attacks
---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-
It can be used to host sites live on the internet but this is only suggested if you have the relevant knowledge to correctly secure Apache in that environment.
Otherwise I suggest you purchase a hosting package, where they have proffessional that know their business to undertake the hardening of Apache against external attacks
---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-
Re: Attackes on my WAMP SERVER
Posted by:
datalogy
(106.79.160.---)
Date: June 19, 2017 08:10PM
Hello,
Thanks. I know its a developer tool and its been used for development where clients can see their project progress live in my case. This is not being used as replacement of professional hosting. If you have any solution to above problem then feel free to share.
Thanks
Thanks. I know its a developer tool and its been used for development where clients can see their project progress live in my case. This is not being used as replacement of professional hosting. If you have any solution to above problem then feel free to share.
Thanks
Re: Attackes on my WAMP SERVER
Posted by:
RiggsFolly
(Moderator)
Date: June 19, 2017 09:16PM
How can I/we help.
We have no idea of the specifics.
We have no idea what you have done to harden Apache.
We have no idea if you are using home written code or a CMS/Framework
We have no idea if you kept a CMS/Framework up to date.
In short a request for help saying I have been hacked is really not enough to go on.
---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-
Edited 1 time(s). Last edit at 06/21/2017 10:00PM by RiggsFolly.
We have no idea of the specifics.
We have no idea what you have done to harden Apache.
We have no idea if you are using home written code or a CMS/Framework
We have no idea if you kept a CMS/Framework up to date.
In short a request for help saying I have been hacked is really not enough to go on.
---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-
Edited 1 time(s). Last edit at 06/21/2017 10:00PM by RiggsFolly.
Re: Attackes on my WAMP SERVER
Posted by:
datalogy
(117.198.75.---)
Date: June 21, 2017 09:25PM
but you should have idea about any known loophole in wamp. right?
Re: Attackes on my WAMP SERVER
Posted by:
RiggsFolly
(Moderator)
Date: June 21, 2017 10:22PM
The only possible loopholes are those that exist in
Apache (the version you are using)
PHP (the version your are using)
Or the code you wrote
Or the code in the CMS(version you are using) and/or the code you wrote in it.
Or the code in the Framework(version you are using) and/or the code you wrote in it.
Or the ADDON to the CMS/Framework and wether they are up to date or not.
Quite simply, the list of possibilities is too long, and in no way limited by the little information you actually provided us with.
As at the current point in time, I nor anyone associated with this site is clairvoyant.
Sorry
---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-
Apache (the version you are using)
PHP (the version your are using)
Or the code you wrote
Or the code in the CMS(version you are using) and/or the code you wrote in it.
Or the code in the Framework(version you are using) and/or the code you wrote in it.
Or the ADDON to the CMS/Framework and wether they are up to date or not.
Quite simply, the list of possibilities is too long, and in no way limited by the little information you actually provided us with.
As at the current point in time, I nor anyone associated with this site is clairvoyant.
Sorry
---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.3.4 64bit) Aestan Tray Menu 3.2.5.4
<Apache versions MULTIPE> <PHP versions MULTIPLE> <MySQL Versions MULTIPLE>
<MariaDB versions MULTIPLE> <phpMyAdmin versions MULTIPLE> <MySQL Workbench 8.0.23>
Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-
Sorry, only registered users may post in this forum.
