Need help..my website was defaced by turkish hacker iSKORPiTX. He defaces my website by replacing index.php with turkish flag page. Can anyone help me how to fix it and what caused it?
This is my site: perizinan-bintan.info I have overwrite the hacked index.php file with the original but what caused it?
Your site is currently offline, so I can't give much info about it. However, check if your are using a web application (wordpress, joomla, etc) that is not updated. That's generally how attackers get in most of the time. I also recommend http://sucuri.net to scan your site and check for malware. thanks,
Also check for phpmyadmin, oscommerce, zen cart, all software. We've seen often times where people using a VPS for their site have a copy of some utility/admin software that's included in the standard VPS installation that hasn't been updated and hackers find it and exploit it. Frequently the website owner never knew it was there and never used it.
I personally wouldn't rely on software to protect my website. I recommend learning sql injection and pentesting your website w3af is really simple to use but you probably wont know what to do once it finds an exploit so when you do pm me and ill try to find it or i could send someone else to help you with it if your alright. Lots of people do it for free but you just need to know where to find them.
Make sure to contact your hoster aswell , they might be able to tell you exactly what happend. Most common cause: Outdates CMS / Forum etc.