I am using justhost for hosting my all websites, I think it get hacked by someone, as I am facing lots of errors on my all websites, I contacted my justhost support team, there I found Mr. Bill, he was kind enough and he told me that my site get joomla injection or some malware and he removed that injection so my that website is error free now, but my other websites are still full of errors, I contact with just host again but now I don't think I will again find Mr. Bill So, I am sharing my tension here, if some one know the solution that how I can secure my hosting account, that script injection (as mentioned by Mr. Bill) has effected my all websites which are hosted on same account, may be I need to remove that script injection from each website manually and I am ready to do so, but I don't know how to remove such virus/malware or injection whatever it is Kindly, guide me.
#1. Steer clear of Joomla. Go with Wordpress, which is why they are used by millions of sites worldwide including popular ones. I've never been a fan of Joomla's security #2 Backup everything, restore it on another site and update your Joomla installation. I have a feeling a plugin, theme or module is not secure and needs to be updated. #3 Managed support If you pay a little bit more for managed support, you can get the support you require. Those "unlimited" providers such as JustHost, Go Daddy, etc. have to cut corners somewhere and support is usually lacking. I've found 1and1's support to be the best compared to other "unlimited" providers but I do not care for 1and1 as a company.
recently this happened to me, some hackers hacked my site and msg me that we will be back hhahahaaa they are confident!! and when i checked from my developer he said it is the issue of WP some Scripts are security less...
never use outdated scripts , keep the scripts and plugins updated, use wp. have your own backups to replace the bad code any time.
i see a lot of people getting hacked for things which can be easily stopped. Most script kiddies rely on outdated scripts, failure to chmod files and folders correctly, or weak passwords. A MD5 taken from an sql injection only takes 10 seconds to 20 mins to crack. Salt your hashes or use strong passwords that shouldn't appear in a rainbow table Secondly, chmod folders to 744 and files to 644. This will take away the RFI and CSS (cross site scripting) attacks. Sure they may be able to execute the attack with a shell via RFI's but they cant do shit because the permission tree is correctly set. Last - update update update. When a security patch or update is released for your CMS or whatever, update!