Regaining Control of a Hacked PHP-Nuke Site

Introduction

PHP-Nuke is widely used, open source content management system (CMS) using PHP and MySQL. PHP-Nuke allows you to add and edit content on to your site without having to play around with HTML files. The whole content system runs off a database. Apart from MySQL, this CMS also supports SQL Server, Oracle, Access and Postgres databases. This allows PHP-Nuke to run on most platforms.

PHP-Nuke allows you to integrate extra functionality to the site, by adding them as modules. This modular concept of CMS allows webmasters to customize the functionality of the CMS system to their requirement. PHP-Nuke has various built-in modules like user registration, downloads, news, article sections, FAQ and web links. Apart from the built in modules, there are a variety of third-party modules which add in a lot more functionality to this CMS.

I've been running PHP-Nuke to manage content on my site since 2003. A lot of people have posted their views online stating that this system was quite insecure. I didn't pay much heed to these warnings, since this is one of the more popular CMS systems on the Internet. I had thought that since a lot of people were working on the system, all the bugs would be fixed up soon. I was in for a shock recently when my PHP-Nuke installation was hacked. In this article I have outlined how to overcome an attack on your Nuke installation and patch up the system to prevent further attacks. Even if your installation has not been hacked into yet, read on to learn how patch up your site to prevent such attacks on your site.