One Of My Website is Hacked Repeatedly, What is the Best Thing To Do?
07-11-09, 11:17 AM
|
 |
Coding Addict
|
|
Join Date: Jul 2007
Location: Clayton, NC
Posts: 292
Thanks: 0
Thanked 1 Time in 1 Post
|
|
Ok. you use the browser to upload files as well? Start using and FTP client instead of the browser. godaddy has their instructions listed here. https://www.godaddy.com/gdshop/ftpinfo.asp
They list a ton of clients but I'd recomment (and use myself) CuteFTP. It's small, fast and pretty simple to use.
For right now it's time to rinse and repeat. Change your passwords, reupload the site information and wait to see if it's hacked again. If it is, we take the next step
|
07-11-09, 11:19 AM
|
|
Newbie Coder
|
|
Join Date: Dec 2008
Location: Canada
Posts: 57
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Thanks very much Boraan,,... I will do that..
Thanks
Julie Viola
|
07-12-09, 10:57 AM
|
 |
Level II Curmudgeon
|
|
Join Date: Dec 2004
Posts: 3,027
Thanks: 14
Thanked 35 Times in 33 Posts
|
|
Quote:
Originally Posted by Boraan
They list a ton of clients but I'd recomment (and use myself) CuteFTP. It's small, fast and pretty simple to use.
|
I would suggest using a client like WinSCP, which uses the secure SCP/SFTP protocol....FTP is wide open and transmits usernames and passwords in the clear (not a good thing). If GoDaddy doesn't support SCP/SFTP, I would consider changing hosts (most good hosts these days support SCP/SFTP).
|
07-12-09, 11:34 AM
|
|
Newbie Coder
|
|
Join Date: Dec 2008
Location: Canada
Posts: 57
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I thought Godaddy is one of the best host as what I heard form other marketing forums. I I guess from a coders or programmers point of view there are quite a bit more to it than just hosting. The other stuffs that goes with the programs or file transfers are kind of new to me and don't know exactly how they function.
Thanks
Julie Viola
|
07-12-09, 03:30 PM
|
|
Level II Curmudgeon
|
|
Join Date: Dec 2004
Posts: 3,027
Thanks: 14
Thanked 35 Times in 33 Posts
|
|
Quote:
Originally Posted by wirehopper
[url=http://help.godaddy.com/article/4982]To be honest, I'm not sure if the username/password are encrypted, or just the data transfered. Seems like SSL protection would be applied to the whole session.
|
I could be wrong, but I think it's everything (login credentials and data).
|
07-13-09, 02:33 PM
|
|
Coding Addict
|
|
Join Date: Jul 2007
Location: Clayton, NC
Posts: 292
Thanks: 0
Thanked 1 Time in 1 Post
|
|
Security is a fickle thing. From what I'm reading almost everyone has assumed, 'website hack, it's godaddy' - however if you all followed the process, I first asked for the logs. The reason would be to help establish a pattern "to identify the source" whether it was internal or external.
She couldn't provide the logs so the process of elimination started, beginning with her own computer. It stands that the most simple explainations are often the most true. I'm a trained security expert and what I saw, but didn't say was that changes to her site was being made after she made an upload to her website.
It as more likely that someone had her username/password and was monitoring changes to her site so they can make changes of their own.
Hence I asked her to scan her computer for things like keyloggers, trojans, etc using specific software and she did find one. One that has a history of corruption and security risks via the browser.
That's why I asked her how she logged in to godaddy and directed her to use a software like CuteFTP.
I recommended CuteFTP because of all the programs I use, including winscp and others, CuteFTP is the most simple approach and it has all of the options that I've ever needed in nearly 10 years of development.
She needed a fast, simple way of uploading changes to her server without compromise from the browser and CuteFTP is a very good and affordable solution. The only time I really use winscp is for managing and issuing keys to contractors I hire that need server access.
This was not meant to become a debate on which program is the best to use. Everyone has their preferences.
|
07-13-09, 04:57 PM
|
 |
-
|
|
Join Date: Feb 2006
Posts: 2,516
Thanks: 20
Thanked 109 Times in 106 Posts
|
|
There is usually no quick, simple answer to issues like these and sometimes there are several problems. It may be like an onion, where each iteration resolves one issue, but reveals another. In addition, there was not enough information posted to draw any absolute, concrete conclusions.
From what I can see, everyone that posted was contributing relevant knowledge and opinions. I don't see a debate, but a collaborative effort to help.
|
07-13-09, 05:03 PM
|
|
Coding Addict
|
|
Join Date: Jul 2007
Location: Clayton, NC
Posts: 292
Thanks: 0
Thanked 1 Time in 1 Post
|
|
you misuderstood what I said. I said a debate about which FTP software is best. I did not mean the rest of the content
|
07-13-09, 06:39 PM
|
|
Newbie Coder
|
|
Join Date: Dec 2008
Location: Canada
Posts: 57
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
As I am new to website building and stuffs like that, i am beginning to learn quite a bit fro all of you guys as I see more what seems to be like gurus talking about hosting and other stuffs.
And to be honest with all of you, I really appreciate it as I am truly learning a lot, in fact probably more than what i can absorb for now.
Thanks
Julie Viola
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
