The Windows Defender quarantined Data_base.aspx as a threat. The path is /wwwroot/Documentation/StarterKit/images/Data_base.aspx. It happened during a backup via FTP.
The .aspx has, indeed, a suspicious size. What is one supposed to do? How can one compare the installed file with the file from the installation package?
Happy coding, Roman
This is NOT part of DNN. Someone has access to your site or server in a way that was caused by a breach or a hack. You should do a full analyses on security, see https://www.microsoft.com...hreatId=-2147205868. I am wondering why you found this during an FTP session. On the server running DNN don't you have Defender running?
Once you have cleaned the server change all passwords and implement 2FA for remote access to that server. Stop using FTP as this is very insecure. If you do not own the server or VM yourself contact your vendor.
In addition to Mariette, there are some possibilities to secure FTP a bit (as I say: a bit).
Happy DNNing! Michael
Michael TobischDNN★MVP
Hi Roman,
The 2 others aspx files seems to be malicious too!
As we can think an image folder doesn't generaly contain any code file. You can check the files dates (depending on the maner they have been uploaded). Those 3 files could have been uploaded at the same time.
Said that, as Mariette suggested you have to scan all the filesystem.
Yes. Mariette, you are right. I found the folder and with its images in the distribution of the 9.2.0 DNN. But there are no aspx there. Somehow, the corrupt files were added to the folder later. The server is on Azure. I don't know if they have Defender by default. I will inform them. Thank you all, guys!
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.