Where to look for the consequences of an attack on the site?

E

evve2015-05-11 11:10:13

PHP

evve, 2015-05-11 11:10:13

A couple of days ago my website was hacked. I received about 1000 applications. The contents of the fields are approximately the following: /, -1 OR ', etc.
Well, now I understand that it is necessary to "tighten" the validation of the fields, the captcha will not be superfluous either.
Where to look for consequences after the attack? What other measures should be taken?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

R

Roman Pavlov, 2015-05-11
@RomanPavlov

By this you were pierced by the possibility of SQL injection. You must use prepared statements exclusively . Tightening validation may not help if you have a hole in sql.

M

marble, 2015-05-11
_

Stick PHPIDS , there are rules for spam. And for everything else, in principle, too.
Consequences - it is not clear what is meant? Have you been hacked? Not sure? Run ai-bolit , see what it shows.

I

index0h, 2015-05-11
@index0h

Just yesterday there was a similar question .
Search initially in the logs.
Specifically, in your case, this is the selection of SQL injections.