My web site got hacked, on the home page malicious script was placed, I deleted and reloaded all web

BUT NOW I WONDER WHAT MORE CAN I DO TO PROTECT THIS WEB SITE, IT IS A INFORMATIONAL WEB SITE THAT DOES NOT GET ALLOT OF TRAFFIC, I MONIOTOR IT MYSELF AND THE SITE IS HOSTED BY HURRICANE ELECTRIC, I USED SFTP TO UPLOAD ALL OF TEH FILES ON THE SITE AND THE PASSWORD IS A 9 DIGIT NON SENSIBLE ALPHA NUMERIC CODE, I HAD A WEB SITE DESIGNER MAKE IT FOR ME AND I THINK HE USED PHP. NOW, WITH THE PASSWORD CHANGED AND ALL FILES REFRESHED WITH KNOWN GOOD FILES, I THINK I BOUGHT MYELF SOME TIME BEFORE MY NEXT ATTACK, APPARENTLY THE FIRST ONE CAME FROM THE UKRAINE. WHAT MORE CAN I DO TO PROTECT MYSELF

My web site got hacked, on the home page malicious script was placed, I deleted and reloaded all web files,?

Sounds more like a permissions problem on your website. Your PHP files are likely the vulnerable spot, as scripts are easy to grab and change if the permissions are not proper.

All your files should be restricted to execution by your website, and not be accessible to the outside world. I see many sites where their script files are located in a directory that is accessible via an anonomous ftp, which allows someone to go in and modify the scripts and files.

Get someone who has experience with such things to help you. It%26#039;s not something I can explain thoroughly here.

My web site got hacked, on the home page malicious script was placed, I deleted and reloaded all web files,?

alphanumeric passwords are good, but are easy targets for a good password dictionary or brute forcer. i reccomend a sentence, that includes numbers with no spaces. it is easy to remember, and almost impossible to crack.

EX: theraininspainfallsmainlyinjunespecifica...

you can shorten/elongate but you get the idea.

Peace!

~me

Other Replys:I see this kind of thing happen a lot.

Where I see it most often is people who hire the cheapest programmer they can get. Web designers are NOT programmers (and programmers, frankly, make lousy web designers) When I see this happen, I sometimes see these same people go right back hiring someone to %26quot;fix%26quot; the problem for the same low rates. I generally laugh at these people, they get what they deserve.

(I%26#039;m hoping you don%26#039;t make this mistake)

Your problem is most likely in the PHP script itself, the attacker may not have even logged into your account.

Anything with %26quot;file upload%26quot; capability is the first place to check, especially if uploaded files can be accessed directly through the web server. (for example, uploading a %26quot;.php%26quot; file and then accessing it in a browser,

NOTE: this can manifest itself for %26quot;image uploading%26quot; tools or mp3 file uploads. Make sure anything uploaded is run through a series of filters before being made available to a web server.

Other places to check are form inputs, anything that gets %26quot;eval%26quot;%26#039;d is suspect, finally, anything that involves file paths that are controlled via form variables.

You%26#039;ll probably read about %26quot;SQL injections%26quot;, doesn%26#039;t sound like that is what happened here.

Security is, unfortunately, something that is overlooked by cheap, low-rate programmers (they have to cut corners to be so cheap)

Secondly, as I said, web masters are NOT programmers. They%26#039;re good at layout and making things look really good. Programming on the other hand, is a different thing.