I’ve been informed by our webhost that one of our sites has been hacked. By gaining unauthorised access to the site, hackers have been able to send out spam using our domain name (using from: firstname.lastname@example.org in the spam).
We’ve been asked to remove these violated files and close any security vulnerabilities before the webhost can restore the site. We’ve been able to identify the files and removed them.
However, how can we specifically pinpoint and close any security loopholes so that it doesn’t happen again? The site is using lots of scripts etc. so we don’t know where the vulnerability could lie.
We’ve ran lots of sites since the 1990s and never had a single security violation, so this situation is a new one to us.
Thanks a million for any advice.