We have been running DNN for a decade now. Currently, we are on the 9.9 version and running successfully.
However, since last 3 days we have noticed injections happening on our site that is inserting code snippets to run *unknown* google adsense on our site at random places. We have manually taken these out, but they again come back within hours. We are not able to figure out on how someone is placing code in our website folders and taking control.
PLEASE HELP
Did you go through the process to Remove Telerik? That's going to be your primary known vulnerability.
Take a look at the Security center in the Persona Bar and see if there's anything there that you need to adjust to either remove a vulnerability or clean up after this attack.
If you think you've removed all known vulnerabilities and you're still being exploited, it could be that you code outside of DNN Platform (i.e. custom development or 3rd party extensions) that is introducing another vulnerability. Or it could be that the initial attack left behind a component that continues to have access.
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.