Site Hacked

mmicha

By mmicha
in Shared Hosting

 Share

Recommended Posts

mmicha Newbie

mmicha

Posted
Posted

Hello,

 

I've been alerted that sites under my account have been compromised.  We are not running Wordpress or any actual CMS type of system.

 

Yet, somehow malware html has been injected into several pages of these sites.  Can you explain how that can happen and how to prevent it?

 

Has my whole administrator account been hacked, it just appears pages.

Link to comment
Share on other sites
Fowler Senior Member

Fowler

Posted
Posted

Hi,

Not an official reply but it sounds very much like your FTP or cpanel details have got into the wrong hands. The first thing you should do if change passwords for your cPanel and FTP accounts you have set up. Then clear up your site. A quick way to see what files have been modified recently is by sorting all your files by the last modified date in cPanel or FTP.

HH staff will be able to give a better answer as they have details on your account.

Link to comment
Share on other sites
Brian Senior Member

Brian

Posted
Posted

Yet, somehow malware html has been injected into several pages of these sites.  Can you explain how that can happen and how to prevent it? Has my whole administrator account been hacked, it just appears pages.

 

Impossible to say without having a detailed look at your account I'm afraid. If you have a ticket open, let me know the ID and I'll take a look if it hasn't been addressed already.

 

Not an official reply but it sounds very much like your FTP or cpanel details have got into the wrong hands. The first thing you should do if change passwords for your cPanel and FTP accounts you have set up. Then clear up your site. A quick way to see what files have been modified recently is by sorting all your files by the last modified date in cPanel or FTP.

 

Spot on advice. Also worth scanning your computer, and the computers of anyone with access to the site, for viruses. A lot of times a compromised local machine leads to stolen login credentials.

 

My typical response for anything hacked " bulldoze your site and restore from a last backup that worked", you can do that from Cpanel if you still have access.  Then change all FTP/Cpanel passwords.

 

And this hits on the importance of backups. We do keep backups of user files and databases, but at any given time those may be inaccessible and/or unavailable (though this rarely happens). Keep regular and consistent backups! :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing