Our site was hacked last night and was redirecting to another site.
I was able to restore it by going in through FTP and deleting a few files that were put into the main directory.
c99.txt, c99.txt.1, 99.php, and 1 other before I copied it so I don't remember what that was called. It was still redirecting the site so I checked the .htaccess file which didn't show a last modified date of yesterday so I didn't suspect it. Well, they wrote on the .htaccess file and was redirecting the site.
So I uploaded a clean version and it's all working now.
My question, no one had access to FTP so I don't believe they got access through that. Is there a way that hackers are getting in through vbulletin? What should I be checking. Thanks in advance.
I was able to restore it by going in through FTP and deleting a few files that were put into the main directory.
c99.txt, c99.txt.1, 99.php, and 1 other before I copied it so I don't remember what that was called. It was still redirecting the site so I checked the .htaccess file which didn't show a last modified date of yesterday so I didn't suspect it. Well, they wrote on the .htaccess file and was redirecting the site.
So I uploaded a clean version and it's all working now.
My question, no one had access to FTP so I don't believe they got access through that. Is there a way that hackers are getting in through vbulletin? What should I be checking. Thanks in advance.
Comment