Hi
I opened up my website homepage tonight and was horrified to see that all that appeared on the screen was:
oops
When i checked the page on the server that was all that was in the html too!
Has anyone had this before?
Can anyone suggest how it happened? (Noone knows my ftp details as far as i know)
What should i do now????
Thanks folks
teammatt3 posted this at 21:41—18th August 2006.
He has: 1,855 posts
Joined: Sep 2003
You probably got hacked. Is your index or config file chmod to 777?
ChrisL posted this at 23:03—18th August 2006.
They have: 68 posts
Joined: Dec 2005
I have no idea how do i find out and what difference would that make? I currently just use dreamweaver to ftp my files.
How did they manage to do this and what can i do to prevent it in the future? What should i do immediately as i have a reseller hosting deal with a bout 12 sites on the same server and Ill be right in **** if they all go down with this!
demonhale posted this at 01:24—19th August 2006.
He has: 3,255 posts
Joined: May 2005
make sure you set the files to either at the very least a 755 by right clicking (maybe) on your ftp and setting read/write permissions... 777 file permission on files usually gets hacked in a vulnerable server... it can even write over php or html files...
Visit my New Blog Gee, Please... | Designer Graphics 9
linkchaser posted this at 08:03—19th August 2006.
They have: 14 posts
Joined: Aug 2006
Sad to say.. you got hacked. Hackers nowadays are pretty good and you don't want to be one of their victims. Well as for the moment, you are.
So next time make sure to double check the settings of the read/write file permissions to your site.
____________________
Get your Australia Visa
ChrisL posted this at 13:27—19th August 2006.
They have: 68 posts
Joined: Dec 2005
The hacked page has now changed to:
http://jenizix.info
Greg K posted this at 13:44—19th August 2006.
He has: 1,638 posts
Joined: Nov 2003
Just to verify some things:
1. Are you using a hosting company or running your own server?
2. What OS is the server running on?
3. If it is hosted, have you contacted your hosting company to notify them of a security breach on your account? They knowing the server, and having access to all the log files would be able to better tell you how you were hacked.
4. If it is your own server, check the timestamp on the file, and then check your log files to see who was logged in at that time.
-Greg
[This space intentionally left blank]
Cool Geek Supplies: www.ThinkGeek.com
ChrisL posted this at 17:31—21st August 2006.
They have: 68 posts
Joined: Dec 2005
1. Are you using a hosting company or running your own server?
Hosting company and i resell hosting to my customers.
2. What OS is the server running on?
Linux
3. If it is hosted, have you contacted your hosting company to notify them of a security breach on your account? They knowing the server, and having access to all the log files would be able to better tell you how you were hacked.
Yes, they have found the IP number that accessed my page using my ftp details. They say it was a russian based host. They have just said to change password using secure methods.
4. If it is your own server, check the timestamp on the file, and then check your log files to see who was logged in at that time.
How do I change the file permissions using dreamweaver ftp as that is what i normally use to upload files? Or is there a better way?
Greg K posted this at 17:48—21st August 2006.
He has: 1,638 posts
Joined: Nov 2003
If it was someone accessing the pages using your ftp login, it won't matter one bit what permissios you put on the file. If they are logged in as you, they have the same access you do. Changing the file permissions will just prevent people logged in as another user (or running something malicious in a script) to modify the files.
-Greg
[This space intentionally left blank]
Cool Geek Supplies: www.ThinkGeek.com