Protecting Your Article Directories Via Cpanel

January 17, 2008 · Filed Under Link Building, Marketing, SEO, Tutorials 

After discussing the advantages of submitting to article directories several days ago, I have learned yesterday that there’s a new exploit going around for article directories that is powered by article dashboard. Someone discovered a vulnerability which can be used by malicious people to conduct a sql injection attack. When I first learned about it, I asked the person who told me about it to prove it by logging into my site as admin and he really got in. When another friend told me how to do it, I tried it to a friend’s article dashboard powered directory and I also got into his admin panel without even knowing his username and password.

Here are some screenshots:

1. Screenshot of articleyard.com, a directory that I own. You can see that the guy who went to my admin panel even left me a message, how sweet…

Article Yard

2. Screenshot of 63s.org, owned by Philip Tiangson. I went to his admin panel, took a screenshot and showed it to him. I didn’t do anything that will harm his feelings so nothing to worry guys, he didn’t kick me afterwards..

63s.org

So to make everything short, there is really a hole into the article dashboard script. And as the script is widely used by hundreds or even thousands of webmasters, this is something huge if the hack will spread. Someone asked me on how to do it saying that every article dashboard user should know it so they can protect their sites but I didn’t gave it thinking that it might fell into wrong hands so what I’ll just do is to give tips on how to protect your site.

If you’re using a cpanel, here’s a quick tutorial:

  1. On the homepage of your admin panel, click the password protect directories button
  2. Navigate to the directory that you want to protect
  3. Click on the tick box next to the Icon Lock icon
  4. Optional, enter the name that you want to appear in the protected resource name.
  5. Then click on the save button.
  6. Finally, add an authorize user to enable access to the directory.

I have done this to article directories that I own, and it works perfectly against the recent exploit. Hope this will help others too..

Tags:

Comments

One Response to “Protecting Your Article Directories Via Cpanel”

  1. Pages tagged "user" on January 17th, 2008 9:42 pm

    [...] = “0099FF”; var mooter_wrapper_url=”"; var run_method = “preload”; var mooter_target = “0″; Protecting Your Article Directories Via Cpanel saved by 1 others     sbenarroch bookmarked on 01/17/08 | [...]

Leave a Reply