Website Hacked ! Now what ?

rahul_mukerji · Apr 6, 2009

Hi:

Over the weekend (or at least thats when I noticed it) my website was hacked :realmad:

! Someone broke into the server with a sledge hammer and uploaded quite a bit of nasty content and posted a helluva lot of links there as well. I know this was in the past week, coz I do check my site regularly.

So, for the record, my website is a personal website which has my songs and art stuff. No e-commerce or financial data or logging clients passwords stuff. But I had links going out to people (for promotion of my music and art) so I had to immediately take down the site.

I reported it to my ISP and after opening the ticket took out the entire site (couldn't clean up, there was way too much hidden in all the little sub folders and such). :ugh:

So obviously the first thing for me is to find out who and how !

But from the rest of you Gurus out there: what can I do to prevent this again / what tips / pointers can you give me on making sure these things dont happen. What should I be doing on a consistent basis ?

I do check logs once in a while, but not that often. Guess that changes now !

I uploaded the site last night, but I'm sure they can hack it again since I haven't really changed much except remove the gallery (which is where I think they hacked in from).

Anyway .... HELP !!! :scream:

hufschmid · Apr 6, 2009

This happened to me once...

My old website had a - between my name and guitars......

It was once hacked and dissapeared totally.....

The only thing to do in order to prevent a dick to enter your website is to change your password every 2 days or so......

rahul_mukerji · Apr 6, 2009

I do change my passwords, but not that often. They are pretty difficult to guess even by bruteforce methods. I thought over 8 characters was good, apparently not.

Even so, I think they hacked using the coppermine gallery. I still gotta look into that ... can't check on anything from work !

hufschmid · Apr 6, 2009

rahul_mukerji said:
I do change my passwords, but not that often. They are pretty difficult to guess even by bruteforce methods. I thought over 8 characters was good, apparently not.

Even so, I think they hacked using the coppermine gallery. I still gotta look into that ... can't check on anything from work !

Also when your browser asks you if you want to save the password so that everytime you go online the password will be there...

Refuse....

Sometimes hackers use spywares systems to record your activity.....

Another way to give them a hard time is to combine lower / height case letters with numbers etc for the password, make is case sensitive........

stuh84 · Apr 6, 2009

How do you log into the server, via FTP or otherwise?

It may be worth asking the ISP if you can start using SFTP with public/private key authentication, that way the only people that can get in are those with the right key (a file with a LARGE string value) on their machine, which believe me, is a lot more secure than some password entry

rahul_mukerji · Apr 6, 2009

Thanks stuh84 !

I use Lunar Pages (if that helps). I'll see about the key authentication system. I hadn't thought of that. I use FTP/SCP to copy my files over.

My passwords use a mix of everything: Upper case, lower case, numbers and special characters !!

rahul_mukerji · Apr 8, 2009

I did some reasearch and found that my coppermine gallery was really old and they used an exploit in that.

I found this site really helpful.

Thanks everyone for your inputs and advice ! :wavey:

Website Hacked ! Now what ?

rahul_mukerji

Well-Known Member

hufschmid

Banned

rahul_mukerji

Well-Known Member

hufschmid

Banned

stuh84

The Viking himself

rahul_mukerji

Well-Known Member

rahul_mukerji

Well-Known Member

Latest posts