Bastard keeps hacking my site!

One of my site keeps getting hacked by the same Mother Facker.

Heres the message i got when i went to my url:

What a piece of shyt.
What do you get out of hacking other peoples sites.

If you go to google and type "hacked by fedai"

You will get a giant list of hacked sites by them. They are turkish i think.

Come out and show your face you coward.

 

Sorry to hear that your a target. I would be furious aswell.

 

How did they hack your site? Brute force?

 

That sucks man, best of luck..Some people just have to much time on their hands..

 

I'm sorry for that mate. I think you should tighten up your security.

--Joe

 

They probably defaced it.

 

I had someone hack into my sites. i was hosting with webtonight hosting
That was my problem. Now that I moved them its ok.

 

Those turkish hacker groups don't have anything to do, so they improve their skills on hacking peoples websites. Those hackers have hacked many websites, that I know. You should connect your host and to improve your security by upgrading your stuff.

 

They probably got in by exploiting a script.

 

Yep. You should have a programmer check and see if there is any security breaks in your code.

 

Secure bether becouse they continualy hack with the same exploit ...

 

dam, how do you avoid this then?

 

Make sure your code is secure and doesn't allow hackers to send malicious code to your host.

 

There is a notorius Turkish hacker group. Why can't they just leave people at peace? I have always wondered why such people hack and create virus programs to infiltrate computers.

 

No kidding, what do you get out of it? They should put their skills toward something useful.

 

Google only turns up 458 results for "Hacked By Fedai." I don't think they're all that clever. They're going after sites that make simple mistakes. At best they're script kiddies and they're easily stopped.

When you allow user submitted content make sure you don't allow anything with an extension that is parsed as a server side scripting language such as .pl and .php files.

Another easy to use safety is PHP's Safe Mode which doesn't allow scripts to go up directories. You then give each user their own folder and even if they manage to get a PHP script uploaded and trick the server into executing it, they can only affect their own directory.

Another alternative which may be a bit extreme is to gzip all user submitted files and only allow them to be downloaded as gzip files. You'd just add a .gz extension to the compressed file. At that point there's no way to execute server side.

Some poorly designed PHP scripts require that safe mode be turned off. Any script that can't work with safe mode on should not be used. There's no excuse for it.

 

Hackers mostly only hack websites for the fun of it believe it or not! they like the challenge... to beat a hacker you have to think like a hacker and cover up the holes! They like to see there skillz and test them.. They are idiots in the real world..Send a trojan there way!


If you send me a pm ill help get rid of them for you @ No charge!

 

Check your email/subscription scripts.

 

CalvinB: Great advice and I suggest everyone to use this!

IT

 

Sorry to hear that, the same person got me, send him an email and he will fix it for you....I think they just do it to show you have a weakness, but they are quick to fix...