Hi everyone, first post.
In the past few months we had some security troubles with our DNN installation, versions 09.04.00 and the current 09.05.00.
Hackers managed to write some html code ( hidden links to xxx sites, for SEO porposes, i think ) in some of the files. One time in the skin .ascx, then in a script in the header, and so on. They seem to be very expert in the DNN CMS, as they target very specific files that are not easy to find.
Anyone else is experiencing the same? Any good advice?
We are updating to the latest version, we hope that will resolve the issue.
Michael TobischDNN★MVP
Thank you for your answer.
We have already done most of the things that you listed (password changes, Telerik removal, check for unsecure FTP conections).
We'll see how it goes with the new version. I'll report to [email protected] if we find out any specific security issue.
Did you also check the editors providers? You should remove all but the DNN Connect CK Editor IMO.
And you could also have a skin or module with a security issue. (older version of DNN Go skins for instance)
It might also be that they hacked your site in a previous version and installed some backdoors. You could "hide" this in any aspx / ascx file in principle.
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.