I installed 4.2 phpgedview in February and 2 weeks ago I received emails from Google saying that the PhpGedView site had malware. Sure enough there were 3 directories that had a prefix of drg......
Now the Macintosh-based Safari browser refuses to open the site, giving a warning of a phishing site.
Has anyone else had these issues - I could not find any in the forum. More importantly, what do I need to do to 1: clear the errors AND 2: prohibit it from happening again?
I had set the security of the site as per the installation instructions (at least I thought I had). In researching these issues, I noticed that PhpGedView is listed as susceptible to such hacks and attacks.
Thanks, Ron
Ron
You are incorrect. PGV is not susceptible to 'such hacks and attacks', any more so than any PHP web-based program, and in fact, probably considerably less given the dedication of very talented programmers who make security a key issue and submit bug fixes promptly.
There is an AJAX-loading issue with the most recent versions and Safari, and this is not yet resolved. Until a fix is found, use Firefox as it's much more stable with PGV. This from a die-hard Mac fanatic since 1984.
-Stephen
<<what do I need to do to 1: clear the errors>>
These "extra" directories beginning "drg......" need to be removed. I'm sure typing their names into Google will help.
For more confidence, I'd create a completely new installation, copy all the settings/data across, then delete the old installation.
<<2: prohibit it from happening again>>
That depends on how it happened initially. If this is a shared server, then it could be some other user on your server.
General advice is to:
Review your file ownership/permissions.
Review your user accounts for any you don't recognise.
I would, first of all, make an off-line copy of those extra directories and look at their contents. This can sometimes give you a hint as to where they came from and who the "owner" is. If you can't make sense of the directory contents, ask here for some help.
Also, review the permissions of each user account, even if you DO recognize it.
I would also watch the new (STRONGLY recommended) installation for a re-appearance of those extra directories. Do this at least twice a day for the next month or so. If it happens again, you'll have a better and stronger case to take up with your hosting company.
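
The checks suggested in this thread (watching a fresh installation for extra directories reappearing, and reviewing permissions) can be scripted and run on a schedule. The following is an added example, not part of any post above and not PhpGedView code; the function names and the sample directory names, including `drg_example`, are made up for illustration.

```python
import os
import stat
import tempfile


def snapshot(root):
    """Return {relative_dir_path: permission_bits} for every directory under root."""
    dirs = {}
    for current, subdirs, _files in os.walk(root):
        for name in subdirs:
            full = os.path.join(current, name)
            rel = os.path.relpath(full, root)
            # lstat so a symlinked directory is recorded, not followed
            dirs[rel] = stat.S_IMODE(os.lstat(full).st_mode)
    return dirs


def compare(baseline, current):
    """Report directories added since the baseline and any that are world-writable."""
    added = sorted(set(current) - set(baseline))
    world_writable = sorted(d for d, mode in current.items() if mode & stat.S_IWOTH)
    return {"added": added, "world_writable": world_writable}


def _mkdir(root, name, mode=0o755):
    # chmod explicitly so the result does not depend on the process umask
    path = os.path.join(root, name)
    os.mkdir(path)
    os.chmod(path, mode)


def demo():
    # Constructed sample tree standing in for a freshly installed web root.
    with tempfile.TemporaryDirectory() as root:
        for name in ("index", "media", "modules"):
            _mkdir(root, name)
        baseline = snapshot(root)  # taken right after the clean install
        # Simulate the situation described in the thread: an unexpected
        # directory appears later and an existing one becomes world-writable.
        _mkdir(root, "drg_example")
        os.chmod(os.path.join(root, "media"), 0o777)
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

In real use the baseline would be saved to a file outside the web root right after the clean install and compared against on each scheduled run.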