I would like to know how someone possibly did this to my site. They hacked into the FTP account I guess, and they then changed my homepage to show an israeli terrorism site. This wasn't a forwarding problem as well, they changed my entire homepage. In the META tags, they changed it to: "you have been hacked by _____" Even worse, this was a site I was doing SEO for so this is definitely not good for my image since their site was hacked while I had their FTP info. Anyways, I was able to reload all of the proper pages within 10 minutes of noticing it and everything is back to normal, but is there a better way to protect my site from this happening again? The only thing I could suggest to the site owner was to change his FTP password right away. EDIT: Okay, apparently the site was hacked by a Saudi Arabian hacker named Devil-X.
What control panel are you using? Certian CP's have bruteforce protection which blocks an IP after 5 mistakes, I use it on my CPAnel server.
A flaw i noticed in someones site is they had an upload script that allowed you to upload any file type. PHP script that forces download of config file and.....
Yeah, you need to watch out for that, html too even flash. Nice to see you after all these years andy!
Well, I finally found the reason why my website got messed up -- the server it got hosted on was hacked. Every website on the server had their mainpage changed into the "hacked by" page. Everything is now back to normal though, thankfully.
I had a free hosting server hacked a while back. Now all of my hosting servers are as secure as Fort Knox. I have ssh changed to a not standard port, private ssh only, mysql root password in virtually incrackable as is root admin. Hardware firewall/ software firewall with brute force protection, tmp folder mounted correctly, latest linux kernel etc etc, theres a lot a host has to do to keep out pesky hackers, sadly many of them dont.
This may not be a FTP hacking. I'm not 100% sure but I think you can inject any amount of code into a file through a text field of some sort. Meaning if you had a "Submit your thoughts on this" section it may be possible for someone to mess with it a little bit and slide in a index.html file into your server. I won't tell you exactly how because I do not want to show people how to do it... it is HTML injection I am pretty sure.