I guess DF website is hacked or something. Please see attached.
Yes it was. We have restored access and patched the issues. Certainly made for a fun few hours…said noone ever.
Hi would you mind sharing , if we are running the DF community version public , how can we secure it ? what are the steps and security measures that we need to be watchful about as we are planning to use DF as one of our key integration server.
The issue affected only the below services:
The vulnerability was in our www. domain only which came about in Drupal’s and WordPress’s code. This has now been patched.
Our wiki, blog & indeed DreamFactory service (which is installed on customer datacenters) was not affected.
The hacker was ‘Bala Sniper’ who has taken down thousands of websites across a number of web hosting providers.
We have done a security audit to ensure this won’t happen again.