Posts Tagged ‘openX’
An article posted today on Yahoo! Tech News details some recent hacks to popular websites running the popular open-source ad server system OpenX. Among the affected were King Features (a popular comics site), Ain’t it Cool News and Adobe.
The two prong hack features two common techniques in releasing viruses these days: a “SQL injection” attack to the OpenX ad server which essentially forces an entry into the ad database, followed by a “iFrame” attack which loads a new page within the same window in your browser, enabling the hacker to fire a number of different pieces of code from the new “framed” page.
An iFrame attack can be avoided by using any decent anti-virus software to block the source, however a “SQL injection” is another matter. I’ve recommended that any of my clients using the OpenX software upgrade to the latest version and attempt to hide any publicly available database config info.
Speaking as a person who’s used a SQL Injection technique in a non-malicious way (as part of a plugin), the best route is to always make sure you keep your password hidden and up-to-date.
Being a big proponent of OpenSource software, I’ve been using the OpenX ad server platform for many years now. Needless-to-say I was very happy to have recently downloaded and installed their latest release which features some huge improvements to their only shortcoming- the user interface.
OpenX is a free PHP/mySQL software thats fantastic for delivering advertisements for web for pretty much any kind of delivery from small ad tiles on your website or full server functionality (like for media players). Recently implemented on a Flash radio player developed for my buddies at CustomChannels, I’ve found it to be an easily customized and implemented solution for keeping tracking of ads and getting professional level statistics.
If you’re looking for a way to increase revenue to your website or implement a full-scale ad campaign for media delivery, ask me more about OpenX!