My site hacked again, what should i do

Hello,
my myspace site has hacked once again. This time the hackers left some info about them.

Their usernames are CoLL1eR & k0pac from http://www.securegb.com .

This is the second time my site get hacked.

What can i do?

Thanx in advance.

 

Find out how they hacked your site from looking at your logs and fix the problem.

 

Most important thing is to secure your site or server to prevent it being hacked. If a site is hacked, there is always a vulnerability. Since it is MySpace, contact MySpace about it, maybe they have a solution or at least they can be made aware of the situation and hopefully come out with a fix.

 

If its a myspace account you mean, change your password , and make sure every URL you enter your password/username into is login.myspace.com etc

 

We did not hack your myspace. We help people fix security issues on there site. We have nothing to do with myspace..

 

Not myspace account but myspace resources site.

 

If you are using a script, may be you should contact the script owner so that the holes can be fixed.

 

Ahh ok. Please remove the uploader which is yoursite.com/upload.php. That is a big security vuln in those myspace resource sites.. People can upload shells and access your site. Have a nice day.

 

Aaaah, so after all it was just a scriptkiddy that used an exploit to crack.

 

Is there a way to limit the uploader only to certain files. Like for the image uploader only allow .jpg of .gif files?

 

Yes, But make sure you limit php.jpg or php.jpg.jpg because people can change the file extension and upload a shell as an image. You can do that somewhere in your config file.