My Website got hacked!

[John]

How do meta tags provide protection?

[TcM]

Meta Tags? I didn't see that in the post until now.

Anyways.. same question here.

[kiafaldorius]

Last I checked, html tags don't provide any protection at all. It might tell people that your security is weak, or strong, but you don't secure html. HTML is a Mark-up Language, not scripting, not programming.

Do you still happen to have that script that uploads files? Mind if I take a look at it? I think that's the one with the issues.

[ReekenX]

Try inserting .htaccess codes in your server to prevent attacks. For example disable config php files for world access, directories and etc.

[zoekmachine]

Maybe i missed that part but are you running forum or something similar. Are you running some free or commercial script?
This kind of script-kiddies run usually one script that use search engines to search for other website running old and insecure script and then they simple infect it through weakness into code, leave message about defacing and go away.
You can see for example a lot old version of VB, phpBB infected.
Setting .htaccess file with example:

Code:

<Limit GET POST PUT>
Order allow,deny
deny from All
</Limit>

may help but not a lot. If there is code inside that they use only thing that can help is to update your script.
Try this crackertracker script by include it into first line of your codes. It may help to block many attacks:

Code:

<?php

// Cracker Tracker Protection System
// Created by: Christian Knerr - www.cback.de
//
// License: GPL
//
//
// Begin CrackerTracker  StandAlone
//

  $cracktrack = $_SERVER['QUERY_STRING'];
  $wormprotector = array('chr(', 'wget', 'cmd=', 'rush=', 'union', 'UNION', 'echr(', 'esystem(', 'cp%20', 'mdir%20', 'mcd%20', 'mrd%20', 'rm%20', 'mv%20', 'rmdir%20', 'chmod(', 'chmod%20', 'chown%20', 'chgrp%20', 'locate%20', 'grep%20', 'diff%20', 'kill%20', 'kill(', 'killall', 'passwd%20', 'telnet%20', 'vi(', 'vi%20', 'INSERT%20INTO', 'SELECT%20', 'nigga', 'fopen', 'fwrite', '$_REQUEST', '$_GET');
  $checkworm = str_replace($wormprotector, '*', $cracktrack);

  if ($cracktrack != $checkworm)
    {
      $cremotead = $_SERVER['REMOTE_ADDR'];
      $cuseragent = $_SERVER['HTTP_USER_AGENT'];

      die( "Attack detected! <br />br />$cuseragent" );
    }

//
// End CrackerTracker StandAlone
//

?>

[Sionofdarkness]

It always seems that hackers are foreigners trying to do internet terrorism or something. So pointless...

[Xav]

Internet terrorism? Now that is a good idea...

Juuussstt kidding...

[DevilsCharm]

Ha ha. I don't know why people think they can make an impact by doing something on the Internet, unless it's a business like Google or something.

[TcM]

zokemachine, I did understand what that script does... but where is that supposed to be included?

[deep23]

so dident saw this topic before so hackers use rfi remote file inlclude to put a .php or a .txt now it works with .jpg and .gif too
the hackers find a bug in your page and then the put that php file or some other file into your host the mos use c99.php its a shell that allows me to to anything what i want in your site i can connect to the site with netcat and do more damge to your site
when i hacked i puted into the site a phpmailer and spamed until the web closed an other method is xss cross site scripting withthat way the "hacker" steales your admin cookie and gets access through your site
and other way that i dont know how to explain is rooting
if you wanna protect your site use htaccess or meta taks like someone above sad