1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ALL my sites hacked by Turkish hacker

Discussion in 'Black Hat SEO' started by liviug, May 20, 2012.

  1. liviug

    liviug Junior Member

    Joined:
    Feb 4, 2011
    Messages:
    172
    Likes Received:
    79
    More than 20 of my sites have been hacked. The index.php file has been modified.
    I host all of them at hostable. Lucky me i had backups

    Tell me your solutions to stop these kind of atacks.
     
  2. twohkz

    twohkz Regular Member

    Joined:
    Dec 21, 2011
    Messages:
    472
    Likes Received:
    222
    Occupation:
    IM
    Location:
    Earth
    contact your host compagny, it's hppened to me twice, only you can do is :
    check your site vulnerability
    add the newest hack fix to your CMS
    reset you FTP password
    change the Admin & Password in your dashboard
    dont change only the DB Password but create new DB


    the problem is that the server have a back door..
    only the host company can fix it !
     
    • Thanks Thanks x 1
    Last edited: May 20, 2012
  3. trapmarketing

    trapmarketing Registered Member

    Joined:
    Mar 2, 2012
    Messages:
    84
    Likes Received:
    41
    Above poster is dead on mark, you should also check to see if you have any keyloggers possibly installed on your work machine.
     
  4. ch33s3mast3r

    ch33s3mast3r Newbie

    Joined:
    May 20, 2012
    Messages:
    6
    Likes Received:
    0
    Get your host to add a login attempt limit, so they can't bruteforce it. Worked for me when I used to run a proxy network
     
  5. ComputerEngineer

    ComputerEngineer Senior Member

    Joined:
    Apr 25, 2012
    Messages:
    833
    Likes Received:
    70
    If you use a decent password it is impossible to hack with brute force :)
     
  6. Balsac

    Balsac Newbie

    Joined:
    May 18, 2012
    Messages:
    9
    Likes Received:
    0
    Here is what you can do:

    1/ Use the most recent CMS software.

    2/ Make sure to change all passwords.

    3/ Make sure that the PC you use to login to you site's admin panel isn't bugged.

    4/ Report them. Use the log file and find out there ip's and report them to the authorities.
     
  7. jhonson5

    jhonson5 Power Member

    Joined:
    Mar 4, 2011
    Messages:
    599
    Likes Received:
    64
    Occupation:
    Engineer
    Remember a hacker can easily save a copy of your webpage, then modify the HTML and javascript, then re-upload the page. Therefore, it is best to never use javascript alone for input validation since it can easily be removed, and instead duplicate any javacript validation with ASP validation. Also, hidden input fields are a threat in the same way since they can easily be altered to include bogus code. Other tips include: Never give away any clues about your database, including making your input field names the same as the database field names. Always set a max length for inputs and truncate the excess.
     
  8. dog-tag

    dog-tag Senior Member

    Joined:
    Oct 19, 2010
    Messages:
    811
    Likes Received:
    912
    Occupation:
    Full-Time Internet Marketer + Business Consultant
    Location:
    Thailand
    if they left any aff links you could trace those also, good thing you have backups!