SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member
    Join Date
    Sep 2011
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Angry 123 hacked server

    hi
    i have a server for my website through 123 - approx weeks ago it was hacked and all the ftp files where lost but not the data files - the site has ecommerce zencart system on it aswell and we could not log into that either - my web designer uploaded the site again and changed all passwords etc like 123 said to do. Its bben fine for 4 weeks now but again we can not log in to the admin on zen cart and some of the web site text has been wiped off again - 123 says it nothing to them - my web site designer says the same - arrggggg
    any ideas

  2. #2
    Visible Ninja bronze trophy
    JeffWalden's Avatar
    Join Date
    Sep 2002
    Location
    Los Angeles
    Posts
    1,709
    Mentioned
    5 Post(s)
    Tagged
    0 Thread(s)
    Well, you really do need to find the source of the intrusion. It's possible, but not always easy. A log file is probably going to be your best bet. The software you're running on the server could have been susceptible to an attack, such as SQL injection. It's really far more common than most people think. Alternatively, but less likely, the intrusion could have come in from the network level.

    I would start by checking the FTP logs. Given that those were the only files to go and the database was left in-tact, there's a good change your FTP access was compromised. Even if you change the FTP passwords and the system is vulnerable, the hacker could find the FTP credentials and simply start all over again.
    TAKE A WALK OUTSIDE YOUR MIND.

  3. #3
    SitePoint Addict
    Join Date
    Apr 2009
    Posts
    359
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Another thought, scan your workstation and any other workstation that may have used a ftp client to your site. Some malware steals ftp passwords from client programs like filezilla then days or weeks later the bad guys use the stolen ftp password to hack your web server.
    Doug G
    =====
    "If you ain't the lead dog, the view is always the same - Anon

  4. #4
    Life is not a malfunction gold trophysilver trophybronze trophy
    TechnoBear's Avatar
    Join Date
    Jun 2011
    Location
    Argyll, Scotland
    Posts
    6,450
    Mentioned
    274 Post(s)
    Tagged
    5 Thread(s)
    If by 123 you mean 123-reg.co.uk, then they have a facility to lock the ftp access. You need to do this via your control panel. You still need to work out how the hack occurred, but that should give you a little extra protection.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •