First a little history....

In the fall of 2010, I noticed that someone had been adding scripts to my website(s), usually an onload() stuck in the body tag with an encrypted script.

After doing reading, I found out that leaving my file permissions set to 777 was leaving my site wide open to the world. After that I started setting all files to 444 which seemed to fix the problem.

Friday June 24, 2011, I went to my main testing site and noticed that the page was loading slow and saw that it was waiting for something that I didn't recognize. Quickly I closed the browser and ran a virus scan. After it came out clean, I connected through FileZilla and saw that my index page file permissions had been changed. (I am very cautious about the permissions and know that I didn't leave it set to anything but 444).

I deleted the index page and uploaded a clean copy then changing the permission to 444 as usual.

Without thinking, I went to my other site (without checking FileZilla first) and a java applet downloaded a virus to my computer.

When I finally was able to go there through FileZilla, I found both the index page and log-in page had the permissions changed.

Now to my question....

1) How could someone change the file permissions other than myself and change my files? (I'm the only one with access)

2) How can I stop this from happening again?


To be honest, this kind of stuff almost makes me want to give up web design and learning anything about it. I really like doing it, but if my sites would hurt anyone else, I don't want to do that....