One Of My Website is Hacked Repeatedly, What is the Best Thing To Do?

ddd · #11 (**permalink**) 07-05-09, 07:25 PM

Oh, nevermind part of my advice. Since you do not host the site yourself, you should contact GoDaddy for them to help you out. IF they are unwilling, switch hosts.

wirehopper · #12 (**permalink**) 07-05-09, 11:48 PM

Yes - I mean when you upload a new copy of index.html. It's possible that there are characters in the file that are causing the server to misinterpret the content.

To check that idea, upload the file and view it immediately. If it isn't exactly as you want it to be, take all the text, paste it into NotePad and tinker with it on your PC until it looks right, then try again.

Julie Viola · #13 (**permalink**) 07-06-09, 12:51 AM

Sorry guys ... I was not home so I was not able to respond to your messages..
Boraan, Thanks very much for your offer but at the moment its still looking good so I will try and see what will happen. I made some few changes based on the many recommendations from different forums including this very forum which is very helpful.

The site is not a WordPress site blog, but rather a static html. it's a very simple hmtl site here is it MyNoogee.com

Thanks every one for the support and sharing of your ideas and knowledge...

Julie Viola

therocket954 · #14 (**permalink**) 07-06-09, 08:37 AM

Bringing it down to basics... if the HTML is changing and there is no other methods to change it dynamically (no web forms, databases, etc.) then they're probably being uploaded with the changes. So definitely change your passwords for FTP, Cpanel, etc.

As well, I would check with your host to make sure you don't have any issues with your .htaccess file (like referrer hacks happening).

Julie Viola · #15 (**permalink**) 07-06-09, 12:26 PM

Many thanks therocket954

I think the is the best way to do it right now. I did change the ftp password before I re-uploaded it. and I have already contacted Godaddy.com and they say everything is alright.

About the .htaccess file, I don't know much about that but I will try and follow up with my host.

Thanks again Eric,

Julie Viola

Boraan · #16 (**permalink**) 07-06-09, 03:06 PM

Great advice to follow, definately use it. From the standpoint of security it's all preventative. When I was training in intrustion detection, preventative was the first part of security. Prevention, Detection, and Response.

We already know that someone is doing something. It's the traditional response to change passwords, add another layer of security, etc. (What we call the fortress mentality).

For someone who's been doing this for the better part of 10 years, I'd say that if after all of the advice is followed, if you still have problems then it would be time to go to detection and response. You already said that you made some changes and it still occurred, and that's why I asked for the logs.

If it continues, then you're dealing with a legit hack, either a person or an outside program that's deliberately making changes. If it continues then adding another layer to the onion won't help. There would need to be a more direct response.

You run a commercial site. Most people would say "ok she's got a site and someone's messing with it, big deal" but as your site is commercial and could viably offer competition to some big names, then I would not count out that you have someone trying to cripple your site.

Think about it.

wirehopper · #17 (**permalink**) 07-06-09, 04:22 PM

There are 3,510 sites (Reverse IP - View all domain names hosted on an IP address) on that IP address. It is entirely possible the server has been compromised, and you will continue to have problems until it is cleaned up.

Julie Viola · #18 (**permalink**) 07-07-09, 02:34 AM

So that is what you got when you buy from godaddy.com or somewhere else with out a dedicated server? This is great to know as I do not know how things are.
thanks wirehopper...
And I really appreciate your detail analysis of "what if" on the issue Boraan. At the moment it is working and if something happens I will think about it and of course what you have been saying.
I hope those hackers will come back again...

Thanks a lot guys,

Julie Viola

Julie Viola · #19 (**permalink**) 07-08-09, 07:15 PM

Sorry guys I mean " I hope those hackers will NOT come back ....

but they are back again... Its been Hacked again and the problem now is that I cannot even re-upload or re-publish it.
I went ot my Godaddy.com account and changed the password and then try to re-upload it and its not working.
All I got from my web builder is that is OK, meaning it has already been published!

what the heck does these guys want from me?????? I just want to make an honest internet site that hopefully will make some small change for my effort and some people who have the heart to just HACKED IT!

I Hope they can go to HELL!@@

Julie Viola

Julie Viola · #20 (**permalink**) 07-08-09, 09:28 PM

Guys and Friends,

I finally get it going for now again but I don't know how long this will take but it is very annoying to say the least. I hope who ever is doing this will email me tell me what is he or she is hating about me and my website.
I don't know of anyone that I have trespass but if I did to please let me so I can correct hings.
I hope the hackers will leave me alone now.

Thanks
Julie Viola