website hacked

W

wmacquinn

Member
Reaction score
0
Okay so a website I am staff on is now hacked. it's finestbattles com. How do you stop this. I know the best way to stop a hacker is to know how they do it. Are there any good books out there someone would recommend to teach me what they do so I can block it. Or better yet, help me block it all together. Thanks in advance
 
Do you run the server yourself or is it hosted somewhere?
If it's not hosted by you, you can start by having strong usernames and passwords.

If you host it on your own hardware, obviously the strong passwords still apply, but you need to check a lot more. Check to see what ports are open, if there are any that you don't use, fix them.
Make a list of all of the software you use (Apache, Wordpress, your OS, any remote admin software, etc) and then search for exploits, security patches and major updates. Make sure all of the passwords and admin defaults are changed. Set admin/remote access rights to only local users if you can.
That's just a very quick list to get you started. I'm sure others will have more.
Hosting your own site and keeping it secure is a tough job.
 
Have they taken the site down or have you done that until you sort out the problem? It would help to see what they have done and how your site is coded. When my site was hacked, it was the hosting companies fault as they had an outdated version of php that allowed sql code injection.

Changing your ftp/hosting password would be a good start. But essentially you should contact your hosting company (unless you host the site yourself?) as they should have access logs.
 
I dont host the site myself. Whoever hacke the site locked it down. When you clivk on it it goes to another sitr the one they are from. It is a rivalry kinda thing it seems. I just wish I could find ou how and who they are.
 
Nobody will be able to help you because you didn't describe what is actually happening. I tried going to the site, but it seems to be down now. If the "hacker" did that you should probably check your DNS settings, and the email account linked to your registrar's account.
 
Most of the hacks that I have seen are SQL injections while using MySQL and PHP. Make sure that you have all your patches if you are running Mambo, Wordpress, OSCommerce, or any other PHP and MySQL site. Make sure that you host has the latest version of PHP. Once it is fixed, make backups of your data so that you can recover quicker in times like these.
 
Problem fixed. Turns out the so called hacker was on staff for the site. He got an offer to go to another site and decided to mess with us before he left. We recovered with a backup from the day before and ip banned him. Just in case we have all staff routinely changing their password more often,
 
wmacquinn said:
Problem fixed. Turns out the so called hacker was on staff for the site. He got an offer to go to another site and decided to mess with us before he left. We recovered with a backup from the day before and ip banned him. Just in case we have all staff routinely changing their password more often,
Click to expand...
Wow. That sucks.
 
What a little b***h. Glad to hear it's all sorted :) I would probably expect a months free hosting for that :p
 
You must log in or register to reply here.

Similar threads

Velvis
SMS Spam
Replies
12
Views
1K
Markverhyden
Markverhyden
thecomputerguy
How long after I delete a team can I recreate it as a shared mailbox, or am I doing this wrong?
Replies
7
Views
242
thecomputerguy
thecomputerguy
Velvis
Dentist office using Eaglesoft
Replies
1
Views
244
YeOldeStonecat
YeOldeStonecat
Blue House Computer Help
[REQUEST] Gmail hacked (again)
Replies
19
Views
2K
Blue House Computer Help
Blue House Computer Help
HCHTech
Email authentication help
Replies
7
Views
938
Sky-Knight
Sky-Knight
Back
Top