We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Home page (index.html) hacked


grumpy-git

Likes # 0

Just had the shock of my life to see my home page overwritten.

Won't say what it said or what it advertised, as I don't want to "promote" whatever it is.

Have just e-mailed my web host informing them of time & date the page was uploaded. Probably a good idea to change my password as well.

Any other suggestions? Are these sort of incidents a 1 off?

g-g

Like this post
Kemistri

Likes # 0

It's a shock when it first happens. There are three common possible causes, and you need to investigate them to prevent a repeat:

Your FTP password may been grabbed one of the examples of malware that are design specifically for that purpose. No security software has 100% detection - it's not practically possible.

If you have a shared server, as most people do, someone else's server space was compromised to an extent that allowed access to your account, which can easily happen if the host's own security measures are not good enough. This can be spotted if other sites with the same host are also hacked. If you can find evidence for this, move to another host.

Your PHP scripts are not up to scratch security-wise and someone with the skill to do it was able to exploit that. Similarly, your php.ini file may need some adjustment. If you have any PHP programs on your server but you don't have a php.ini file, you need one!

The last option is the most common method of hacking websites.

Like this post
grumpy-git

Likes # 0

Kemistri, thanks for the reply

Yes, it is a shared server.

I've also changed my ftp password as well as my ISP log in password. Using upper & lower case & numerics, so nothing comparable to a normal word.

No php files in root of web space, but do have phpbb & Coppermine software installed in their own folders & they seem OK. Also, that software is the most recent version, I always update when new versions are released.

g-g

Like this post
Kemistri

Likes # 0

PHP doesn't have to be in any particular location to be vulnerable, but at least you have the latest builds. That is vital with any open code.

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Microsoft smartwatch release date, price and specs rumours: Launching within a few weeks

IDG UK Sites

Why you shouldn't buy the iPad mini 3: No wonder Apple gave it 10 seconds of stage time

IDG UK Sites

Halloween Photoshop tutorials: 13 masterclasses for horrifying art, designs and type

IDG UK Sites

Should I upgrade from Mavericks to OS X 10.10 Yosemite? What you need to know before updating to...