+ Reply to Thread
Results 1 to 7 of 7

Thread: My homepage hacked. How can I protect myself?

  1. #1
    b& MrPixels is an unknown quantity at this point
    Join Date
    Jun 2006
    Location
    North Carolina, USA
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Exclamation My homepage hacked. How can I protect myself?

    Hello.

    I put hours into making my site look good. Then woke up this morning and poof, its gone. Now my zpanel and user files were all ok. But, they signed up as dogtag. And uploaded a script called nstview.php and ran it. I looked at it and... what... its very complex and all in php so I dont know it. I thought I was secure. But oviously not. So, are there any tips on how I can revent this? Besides making backups? I know I know. Dumbass move, but oh well... Also, it sayed "hacked by goodbody" anyone heard of them?

    FireFightFM
    PS: I would release the code for you to look at but... I cant trust people.

  2. #2
    Pro Member Fried has a little shameless behaviour in the past
    Join Date
    Sep 2005
    Posts
    317
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'll might be able to help you, talk on msn / send me the code in attachment. Im expierienced in PHP.

    My msn is gopzap@gopzap.net or just PM me the code.

    BTW Im not a hacker

  3. #3
    Wo ist mein handy utcrazy is a name known to allutcrazy is a name known to allutcrazy is a name known to allutcrazy is a name known to allutcrazy is a name known to allutcrazy is a name known to allutcrazy is a name known to all utcrazy's Avatar
    Join Date
    Jul 2005
    Location
    Toronto
    Posts
    2,891
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Can't think of anything myself except OFFSITE backups. Whether this is burning a CD ad the DC and taking it to another location, or having the files automatically copy to another server every day. Anything can happen, even in the most protected DC. Redundant backups can save a website from being down too long as wlel. P.S: Don't trust someone with 13 posts, go with a more experienced FWSEer. You could trust someone like me with 1200 posts and a good rep, but I don't know PHP.

  4. #4
    ServerOrigin.Com serverorigin has disabled reputation serverorigin's Avatar
    Join Date
    Jun 2006
    Location
    Oxford, MS
    Posts
    1,158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would suggest finding a host that has secure servers for one thing. If certain restrictions were in place this usually cannot happen.
    • ServerOrigin.Com • ethProxy™ DDoS Mitigation • Protect your current server in minutes! •
    [Intrusion Detection • CDN • DDoS Protected VPS • DDoS Cloud Hosting • 99.99% SLA • AnyCast IP Services]
    [Enterprise-Class DDoS Protection • Automated Datacenter Failover • Serving more than 1 million domains!]

  5. #5
    Senior Member repoman has a little shameless behaviour in the past repoman's Avatar
    Join Date
    Jun 2006
    Location
    localhost
    Posts
    227
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Also ones with offsite daily back-ups or at least weekly.
    also never heard of goodbody but there are many script kiddies now
    Hosting packages for you!
    24/7 Support, State of the art servers, excellent uptime. Nothing better could be provided!
    SiKo-Hosting, The Hollywood of Hosting!

  6. #6
    Muffin <3 Erizo is just really niceErizo is just really niceErizo is just really niceErizo is just really niceErizo is just really nice Erizo's Avatar
    Join Date
    Jan 2006
    Location
    Ciudad Juarez, Mexico
    Posts
    1,122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    secure servers, logging ip logs (o.o), changing passwords, a thing by a thing to make it more secure
    (\__/) Sup, recoil bunny here.
    (='.'=) Where the ---- was Decker?
    (")_(") I'd recommend TheHostingTool!

  7. #7
    Junior Member shinyblogs.com is an unknown quantity at this point
    Join Date
    Sep 2006
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That script is a big collection of tools to help people hack servers, but it all depends on what you let your users do. You had a too-lenient configuration that let people you host do things that weren't safe. It's too hard to tell what the hole they got in with was from your post, it could have been any number of things.

+ Reply to Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts