A few days ago my website was hacked. I found out that the 'hacker' ran queries directly into the database, so he somehow got access to my database credentials.
I'm using laravel 4 and the config file is stored outside the public_html folder into a .env.production.php file and it looks like this:
<?php
return array(
'DB_NAME' => 'database_name',
'DB_USER' => 'database_user',
'DB_PASS' => 'my_password',
'DB_SERVER' => 'localhost'); ?>
Accessing this file in the browser returns nothing, so how did the attackers got the data? One theory would be that the hosting company got hacked (I'm on shared hosting. They deny that and I have reasons to believe them.
What other possiblities are there? Remote file inclusion? Local file inclusion? I want to know what could cause the data in the config file to be compromised so I know what to check for in my application.
Aucun commentaire:
Enregistrer un commentaire