Page 1 of 1

XAMPP-server database was stolen

Posted: 10 Sep 2019, 10:59
by JanMolendijk
My SQL-database was stolen on monday-morning they ask 0.05 Bitcoin to send it back :D
When I readed it I had to laugh because I have backups & they took only my database ?

My computer is for almost 6 years nonstop running a xampp-server.
This is the first time something like this happens. Also I never updated XAMPP.

Factly the server is complete mash with tons of tests + scripts tryouts etcetera.
I knewn anything might easily could happen.

About xampp-server I would like to keep this version because I don`t know if things still working when I use an last updated version.

Further, I have non knowledge how to protect things to prevent.

XAMPP-server database was stolen

Posted: 10 Sep 2019, 12:23
by Admin
Hello,
I think the problem is not from XAMPP, but from the php script you made and run on your server.
It is possible that your database was stolen with SQL injection.
It is a common way to add and get data from a database through login and search forms which send data to the script on server.
To solve that problem you must check the whole script and filter all data received from outside, for example from URL or forms in page.
If you want to know more about that issue,m look on internet for: php prevent SQL injection

If you have an amateur, insecure php script, an user can even create /upload a php file on your server and then he can access it to run that code on your server.