Comments on: Troubleshooting an IFrame Injection Attack

By: advertising

advertising — Sun, 28 Feb 2010 07:51:57 +0000

cant you edit your .htacces file to prevent this

By: Website maintenance « WASRC

Website maintenance « WASRC — Sat, 05 Dec 2009 03:17:28 +0000

[...] http://eisabainyo.net/weblog/2009/04/06/iframe-injection-attack/ [...]

By: izdelava spletnih strani

izdelava spletnih strani — Fri, 04 Dec 2009 17:08:46 +0000

I see you are experts for iframes and stuff. Can anyone help me i’m having trouble that i can’t open my pics with target=”_top” while in iframe?

By: Steve

Steve — Mon, 09 Nov 2009 15:03:29 +0000

Grab a copy of Upload Guardian for your VPS/dedicated server. It scans FTP/PHP uploads in real-time and blocks the attacking IP in the firewall.

By: Jovani

Jovani — Thu, 03 Sep 2009 07:21:02 +0000

I have encountered the same problem.. good thing i have restored the site. But I was wondering what might have caused this kind of injection? Is my computer infected with a virus, is the server has the virus, or something..??

By: Reejesh

Reejesh — Tue, 07 Jul 2009 21:40:59 +0000

any such settings in .htacces file to prevent this ?

By: Zyad Rujeedawa

Zyad Rujeedawa — Thu, 02 Jul 2009 05:44:50 +0000

Looks like this site has removed my coding :-) to prevent scripting attacks :-)

So in the web.config file, under system.web, just set the property validateRequest of the pages tag to TRUE.

By: Zyad Rujeedawa

Zyad Rujeedawa — Thu, 02 Jul 2009 05:38:52 +0000

For .net just add the following in the web.config file

This will prevent scripting attacks.

By: Matrix127

Matrix127 — Wed, 24 Jun 2009 00:41:26 +0000

my website was attacked with this too

I had a back up so restored it, but what I didnt realise that I had back up with the i-frame injection, my website was on for an hour and then it was down again, did AV scan with Avast on the back up files and found the i-frame virus, deleted it, did a full scan on my pc and now I can get my website on, but even tho I will change the passwords and everthing I think this can still be a dangerous one cos if a visitor of your website has the same virus , they can easily infect you with it without knowing they had the virus, it can actualy be siiting on his website ready to fire if you have visited such website or have been redirected to it somehow, one of those is the Firefox pop ups, never accept anything pops up unless you have set it to do so, and if you do by mistake then you get redirected to the infected website and get infected yourself, and now you are the virus who goes and visits the websites and infect all which has no strong wall and with lots of ports open, one of the main and easy security on Firefox you should have is the “KeyScambler” anything you type becomes encrypted text, and not good for all but most is the AddBlock Plus which which is an add on for Firefox, this stops any link that you filter, so it may come handy for blocking lots of ads and stops you being directed to visit an infected site so that can infect you, these are my little suggestions to get more security on your pc and your webserver, and make sure you learn all about what file permission settings are all about, that will also give you some extra security.

all this information I gained through searches and trials and from my silly thinking that I had enough security set up, obviously not !, my only hope is that we never give up and fight back with these issues and help and share information with each other than hopefuly your wont be the next victim ! …

By: Even I had the same problem

Even I had the same problem — Mon, 15 Jun 2009 10:00:58 +0000

I was facing the same problem from April.
Even now I dont know how to rectify it, I have used 20 Jquery files for usability and effects for my website.

I am searching for, still no permanent requiry.

If anybody want to help me on this issue pls…

Thanks
Mahes