According to me Hostgator where I am hosted should be a good host or is it too vulnerable? Shifting is currently not feasible but I am hardening the security. Confirmed from Hostgator that it was a FTP hack. Hostgator gave me only the IP address of the spammer. It was being changed constantly. It kept logging out and logging in and downloaded index.php files, made the change and uploaded. It logged out after changing one file.
Don't know if blocking those ips would be of any help. Regards Navjot Singh On Fri, Jul 24, 2009 at 6:54 PM, Otto<[email protected]> wrote: > While I know that there are viruses that can steal your FTP > credentials from common software programs, are you sure that that is > what is going on here? > > The most commonplace method I've seen to inject this sort of thing > into files is simple shared hosting with poor security practices. Once > a hacker gets into one site on the server, he can run a script that > simply searches for *.php or *.html and injects his code into anything > it finds. Thus he's got his code on dozens or hundreds of sites > instantly. Make the script run every so often, and you keep getting > "hacked" over and over again. > > Solution in this case is two fold: > 1. Correct the permissions. 755 or 644 for everything. Unfortunately, > sometimes this is ineffective (poor security config tends to be > *really* poor). > 2. Switch hosts to one that knows what they're doing. > > While I don't doubt that people have gotten hacked based on stolen FTP > creds, it seems more likely to me that this sort of code injection is > done via bad shared hosting instead. > > -Otto > _______________________________________________ > wp-testers mailing list > [email protected] > http://lists.automattic.com/mailman/listinfo/wp-testers > _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers
