WHMCS. Easily Hackable?

I went to check on my hosting site that I am working on getting up. And was shocked to see this: ( Check the site )

http://buynethosting.com/billing/

WHMCS was hacked by a group of Iranians.

Anyone know how this may have happened?. How I can stop this from happening again and How I can fix this?

 

Did you implement any of these additional security steps for your WHMCS installation?
http://wiki.whmcs.com/Furthur_Security_Steps

 

I just found out what they had done. And my friend fixed it. They had found an editable file and loaded it will all their crap.

 

which file ?
if you post it here other people which use whmcs can fix their installation too

 

Probably any file with Chmod 0777 when Apache's running as something like DSO or lower if you are running suexec/suPHP.

Jay

 

if you running as suPHP, you don't need to chmod the files into 777

 

That's exactly what I said:

Jay

 

mine is not... w w w . blokehost . com

 

I love having a smart webhoster.

 

If your copy of WHMCS was nulled check for a back door in it

 

I was thinking of the exact same thing...