Sherie,
Under the transfer tab, I would make sure transfer type is set to auto
steve
Sherie,
Under the transfer tab, I would make sure transfer type is set to auto
steve
Update on the Bugs
Thought I share the latest on my 'battle with the bugs'. My hosting company has been great. Together we finally decided to strip all the pages from the site, upload squeaky clean ones and, of course, change the password. (Before I just tried to fix it page by page)
Today I kept working on a password until my new one has a full 100% strong ranking, instead of the 40% or so before. I'm staying positive and expecting a 'full recovery' from the pain in the bugs...I mean pain in the butt trojans. Thanks for everyone's ideas, suggestions and support.
Sherie Smith
I believe your files are being infected at the server level.
There is no way I know of that they could get trojans etc. from filezilla simply transferring them from your computer to the website.
If you have wiped the server clean then that may or may not have solved the problem.
If someone has access to any account on the server they may have access to all of them.
I would really be looking at the server for this problem.
robert
Actually there is a known problem that exploits FileZilla. I've had to help a customer of mine recently who had 50 or 60 websites injected with IFRAME code that subsequently gets the site listed as 'dangerous' when you try to display it with Firefox.
I don't know if this is the same issue but basically, FileZilla stores passwords in plain text. The trojan grabs these plain text passwords and sends them off to a hacking site which alters your index.html and/or index.php files, adding an iframe and/or some javascript code. The iframe is at the top of the page and the javascript at the bottom of the page.
There are 3 steps for removal:
1. Do a full virus scan ensuring that your anti-virus is up to date. Also have anyone else who works on your site do the same.
2. After any trojans/viruses are found and removed, change all of your FTP passwords.
3. Repair the affected pages - this involves editing any index.php or index.html files to remove the iframe and/or javascript.
This should fix the issue but still leaves you vulnerable if your computer gets infected again. One of the FileZilla developers has indicated that there won't be a 'fix' because he believes it's not FileZilla's job to protect against these sort of attacks. You may want to look at an alternative. I use a program called FlashFXP, but ask around and if you do change to another FTP program, check whether passwords are encrypted.
Here are a couple of relevant links...
Discussion about similar attacks:
http://drupal.org/node/441032
http://www.tech-evangelist.com/2009/...-trojan-virus/
Response from FileZilla Developer (his name is botg):
http://forum.filezilla-project.org/v...php?f=1&t=9543
Regards,
Gary
Elite Member
I use FireFTP and have never had an issue with my sites getting hacked. I know many use, and seem to prefer, FileZilla, but FireFTP is awesome and works very well.
Traci Knoppe
Chronic Beauty Life
Super Active Member
An alternative for filetransfers (and other stuff) that I've been using since forever is Total Commander from Ghisler.
I think I'm going with FireFtp.
Thanks Traci for the video help!
Elite Member
Nice to see you here Gary!
Thanks for the details about filezilla - is there any particular ftp client you'd reccomend?
Alex
Hi Alex,
Yes .. I've been 'out of circulation' for a while but I'm back with a vengeanceOriginally Posted by AlexNewell
. I followed a link here from Google and then saw that it was Lynn's. I don't know her but I've seen and heard quite a lot and it was all good. I'll be upgrading to elite membership soon... just want to settle in first.
There's a bunch of good FTP clients out there. SmartFTP, CuteFTP and FlashFXP are all good non-free ones. A free one that I'm recommending now is Core FTP (www.coreftp.com). The lite version is free and it looks and feels a lot like FileZilla. I've not seen any reports of it being exploited.
Gary
Elite Member
Thanks for the info Gary and it'll be great to welcome you into the Elite forum - even if you don't sign up through my link
http://expertlistbuilding.com/lynnterry.html
:-)
Alex
Posting Permissions
Reply With Quote
Bookmarks