I guess DF website is hacked or something. Please see attached.
Yes it was. We have restored access and patched the issues. Certainly made for a fun few hours…said noone ever.
Hi would you mind sharing , if we are running the DF community version public , how can we secure it ? what are the steps and security measures that we need to be watchful about as we are planning to use DF as one of our key integration server.
Thanks.
Hi @kalmenchia,
The issue affected only the below services:
The vulnerability was in our www. domain only which came about in Drupal’s and WordPress’s code. This has now been patched.
Our wiki, blog & indeed DreamFactory service (which is installed on customer datacenters) was not affected.
The hacker was ‘Bala Sniper’ who has taken down thousands of websites across a number of web hosting providers.
We have done a security audit to ensure this won’t happen again.
Thanks,
Erik