But a couple of days ago when I opened my website there was some kind of music running on my website and a little cartoonish character was dancing and there was writing: "we have hacked your website....and so on".
When I logged in to my FTP all of my files were deleted; there was only one index.htm file, which was from the hacker.
I immediately contacted my hosting rep and gave him all the information; he told me you should keep a more complex password etc... $,@*>,.
I did exactly what I was told and through the server backup I got my website online once again, but after 20 hours my website was hacked again. When I contacted the hosting company they told me there is some kind of security hole in your programming, please check it.
My question is: is there any way in PHP by which the hacker can log in to my FTP or cPanel account and delete all of my files?
Please, expert PHP developers, give me some advice so that my website cannot be hacked, or on how I can improve my website security.
Thanks in advance to all respectable members of this forum...
The tech support is **probably** correct, but sometimes they just throw an answer out when they don't have one. Ask yourself:
Do you filter input? Do you have register globals off? If I input, say "my name" into one of your forms, is it echoed back somewhere when I submit, like
If the answer to the first two is no or the third yes, this may not be how your site was hacked, but it's definitely vulnerable.
Since you are going to be a while figuring this out, here is a simple test to see if it's your programming or not.
Get your site back up, view source of the pages, save them as static files. Not PHP. Disable any forms, etc. that would require server side programming. Remove ALL PHP scripts, all of them.
Upload **just** the static files to your site. Immediately change your passwords, and use **only** SFTP to connect to your site.
This serves two purposes: static html pages cannot be hacked from public page input, and you will have content on your site while you figure it out.
So if it gets hacked again when only static pages are on your site, it's something else. Don't overlook an important one: if you are on shared hosting, the hack may come from some other insecure site on the same box. It may not even be you.
A side note that most people don't know: when you connect to a site using "regular ole' FTP," the u and p are sent in clear text, with each file you transfer. Someone sniffing the data on a server can capture these. Most people get by without ever getting hacked this way, but it does happen.
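The three questions in the reply above (is input filtered, is register_globals off, is input echoed back), worked through as an added PHP example that is not part of the thread. The form field `name`, the helper names `register_globals_enabled`, `filter_name` and `h`, and the 50-character limit are assumptions made for illustration.

```php
<?php
// Added example; field name, helper names and limits are hypothetical.

// Question 2: register_globals must be off. The directive was removed in
// PHP 5.4, in which case ini_get() returns false.
function register_globals_enabled()
{
    $v = ini_get('register_globals');
    return $v !== false
        && in_array(strtolower($v), array('1', 'on', 'true', 'yes'), true);
}

// Question 1: filter input. Read the value explicitly from $_POST and
// accept only what the field is supposed to contain.
function filter_name($raw)
{
    if (!is_string($raw)) {
        return null;                 // rejects array input such as name[]=x
    }
    $name = trim($raw);
    if ($name === '' || strlen($name) > 50) {
        return null;
    }
    // letters, digits, space, apostrophe, dot, hyphen only
    return preg_match('/^[A-Za-z0-9 \'.-]+\z/', $name) ? $name : null;
}

// Question 3: anything echoed back is escaped for the HTML context,
// even after filtering (the apostrophe allowed above still needs it).
function h($s)
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// The vulnerable pattern would be:  echo "Hello " . $_POST['name'];
// The hardened form of the same page:
if (register_globals_enabled()) {
    error_log('register_globals is on; turn it off in php.ini');
}
$name = filter_name(isset($_POST['name']) ? $_POST['name'] : null);
echo $name === null ? 'Invalid name.' : 'Hello ' . h($name);
```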