hiya everyone, its been 2 months my website is hacked by some hackers, i have traced everything i found few php fiels uploaded on my ftp , files were slave and coded for some hacking tool i deleted them but still they uplaoded thoses files on my ftp. and they adding iframes on my page where traffic is coming, currently my this page is hacked http://pakistani.pk/songs help would be appriciated
Hello, Most of the cases, these sort of uploads are done through stealing your FTP password with a trojan hosted on your own PC. This is pretty hard these days to make sure PC is cleaned before you login to ftp. This is why I always suggest people to make sure his permission bits are correctly set on the host side to prevent writing. Do not set writing bit as long as you are not really needing it. You should also try to use themes, plugins from developer who are pretty well known and doing job for a long time. I have seen most of the cases, these themes and plugins causes a lot of open bug in your CMS and make it hackable! Good luck.
Change your FTP password immediately and make sure your PC is not infected as mellowhost suggested. You still might need to clean up your account or ask your host to help you. Most hosts will help with these kinds of issues.
Why bother with ftp when site is insecured? There are alot of sql injection holes. "Hacker" can easy inject shell in Your site.