My first site which hacked

Today my first site which hacked what a sad day.

What you suggest , how I can trace the attack? from a simple cpanel account

 

First of all, what are "symptoms" of the hacking?

 

A white page with following message :
<<F*** You The T*urkύs H***Acker L***uKeNS & D***j KAdir>>>

 

Could be same issue as here: http://forums.digitalpoint.com/showthread.php?t=20193

First go through your files, search for relatively big php files (remote consol).

Make sure all scripts you use are up to date

contact your host.

 

Hi blue_angel...If you wish I can secure and pentest your box for you for a small fee. Contact me by PM if interested.

 

Thanks a lot for your response Codeassist Thanks for your offer but it's a share account not server

 

Yes but you can take steps to secure your account buddy. Turkish hackers are normally defacers and will deface your website again after hiding the shell script somewhere on the shared server. This can allow companies to lose valuable time that could have been allocated to making revenue.

Most likely you have an insecure script running.

Regards,

 

Thanks codeassist for your help

 

i know 2 think about to prevent hacking .

1. choose a good cms which has no securiry hole
2. choose a good hosting provider who cares security

 

I agree. I've had this happen to my sites in the past that were on a shared host. One of the other accounts, unrelated to mine had an insecure script and the hackers rooted the server. Web site security is a bigger issue every day.

I'd advise also moving to a more secure host. When you do ask about their security policies and make sure they firewall the server.

 

blue_angel : what scripts you are using on your site?

 

Be prptected from Shells....I can bet that you will STILL have some shell left on your account which can bring the server DOWN.

May be rXXX or cXX..they are most common and most powerful as well available these days

Check every PHP file(which you think not available in original script) by executing it in your browser..the most simple way to find

 

Just update all the scripts.The problem can be with ur scripts inside ..........
Let us know the page which get hacked ???

 

I had a Turkish hack on a phpNuke site last year. Based on the logs it was SQL injection. I was able to get into the database and find where they inserted their data (Turkish statements and a redirect to some page "by darby").

 

are u hacked bye turkish guys? if yes they just replace ur index file. upload index file again and set permission to 555. (Read and execute only)

 

The problem was on script flashgamescript had a huge security hole more
http://forums.digitalpoint.com/showthread.php?t=257786

 

call 911 and tell them and Write in every Forum, tell every relative and Put some banner in the streets, go to Tv station to tell them too that My first website got hacked.
Then you get Pleasure and you start working on 2nd Web!!!

 

i have over 20 site smart indian singer the post is to report security problem and inform the other user