Does anyone have any experience with having their website hacked by someone through the editor? My website host said that the pages of my website were deleted by someone (hacked). I am wondering if I should believe him or has he ripped me off by telling me that I have to have a new site built. He claims that his server is very very secure and that the editor tool gets hacked often and thousands of sites are compromised. Thanks in advance for any input. DOC
Mon, 11/26/2007 - 02:15
#1
Re: Hacked
It's executed just on the client and it doesn't do anything on the server by default.
You can enable the filemanager connector, and then you might get it trouble if you don't verify that the user has authenticated, but again, the filemanager is fairly secure so they should be able just to upload files, not to execute them or delete anything.
On the other hand, if you allow anyone to use the editor and don't do a proper check of the contents submitted to the server (that would be a problem with any editor that you use), then things can get very nasty.