Got hacked

fricky · February 3rd, 2006, 11:18 AM

I got hacked a little while ago. At first I was too mad to even come close to the site, but I cooled off a bit and just want to continue my site. I didn't make a back up for a while, but I did it like twice. I decided not to continue my site as it was, but too start a new one there, because else it will be way too much work and I got tired of it anyway. But there were some files, like photo's, that I really want back. I tried to upload the back up..for like a second it showed my original main page (only that one, the others weren't working), but after a few second it showed the page the hacker made again. Could somebody please help me with this? how do I get the back-up on my site? Any help will be greatly appreciated.

This is the site by the way: http://www.fake-reality.net

by the way..how did I get hacked? Somebody told me it shouldn't have happened and that it's the fault of surpass hosting, but I really don't know, so I'm not blaiming anyone okay..I am just wondering so it won't happen again..cause this sucks..big time

**psfrog** · February 3rd, 2006, 2:44 PM

First, please contact support ASAP.

It could be a .htaccess file that still is in Your public_html folder that re-directs to the hacker's index-file.
So even if You upload a backup of Your site, there could be alot of files uploaded or edited by the hacker left.

Why this could happen could be alot of things. A vulnerable installed script, a folder/file with permission 777 or something simular - I don't belive Surpasshosting could have stopped the hacker from hacking Your site - it's not their fault.

Hopefully the support could help You with this quickly. They may have a backup of Your site availible.

**Rai** · February 3rd, 2006, 4:15 PM

Hackers usually attack a loose script on your website, and short of banning anything that could potentially cause hackers to attack (which would result in many mad customers) Surpass can't really prevent it from happening. Without knowing the structure of your site, it's impossible to tell what cause your site to become a target.

You should probably have dealt with your site as soon as you noticed it had been tampered with. How long ago was it? Surpass may have a back up, however they only keep them for server problems, not for user problems (which includes when your site gets deleted by an outside source, that isn't Surpass related.) If this "hacking" was a while ago, the likelyhood is that the last back up Surpass has of your site is of the hacked files, and not your original site. But, they may have something that they can reload onto your account... though it may cost you a fee because it is clearly stated that it is the users responsibility to keep a current back up of their site.

You should check your .htaccess to make sure that there are no changes in it that the individual made, and delete all of their files. After that you should reupload your own backup, and then they should be intact.

February 3rd, 2006, 11:18 AM	#1 (permalink)
fricky Registered User Fresh Surpasser Joined in Sep 2004 18 posts Gave thanks: 0 Thanked 0 times	Got hacked I got hacked a little while ago. At first I was too mad to even come close to the site, but I cooled off a bit and just want to continue my site. I didn't make a back up for a while, but I did it like twice. I decided not to continue my site as it was, but too start a new one there, because else it will be way too much work and I got tired of it anyway. But there were some files, like photo's, that I really want back. I tried to upload the back up..for like a second it showed my original main page (only that one, the others weren't working), but after a few second it showed the page the hacker made again. Could somebody please help me with this? how do I get the back-up on my site? Any help will be greatly appreciated. This is the site by the way: http://www.fake-reality.net by the way..how did I get hacked? Somebody told me it shouldn't have happened and that it's the fault of surpass hosting, but I really don't know, so I'm not blaiming anyone okay..I am just wondering so it won't happen again..cause this sucks..big time

February 3rd, 2006, 2:44 PM	#2 (permalink)
psfrog Surpass Fan Comfy Contributor Joined in Jun 2004 Lives in Sweden Hosted on Muy and Dedicated 220 posts Gave thanks: 8 Thanked 22 times	First, please contact support ASAP. It could be a .htaccess file that still is in Your public_html folder that re-directs to the hacker's index-file. So even if You upload a backup of Your site, there could be alot of files uploaded or edited by the hacker left. Why this could happen could be alot of things. A vulnerable installed script, a folder/file with permission 777 or something simular - I don't belive Surpasshosting could have stopped the hacker from hacking Your site - it's not their fault. Hopefully the support could help You with this quickly. They may have a backup of Your site availible. __________________ :: Have a great day! /Erik at http://www.psychofrog.se and http://www.manufrog.com :: Server: Muy and Dedicated

February 3rd, 2006, 4:15 PM	#3 (permalink)
Rai Senior Member Super #1 Joined in Nov 2003 Lives in Canada Hosted on Pass14 3,770 posts Gave thanks: 4 Thanked 20 times	Hackers usually attack a loose script on your website, and short of banning anything that could potentially cause hackers to attack (which would result in many mad customers) Surpass can't really prevent it from happening. Without knowing the structure of your site, it's impossible to tell what cause your site to become a target. You should probably have dealt with your site as soon as you noticed it had been tampered with. How long ago was it? Surpass may have a back up, however they only keep them for server problems, not for user problems (which includes when your site gets deleted by an outside source, that isn't Surpass related.) If this "hacking" was a while ago, the likelyhood is that the last back up Surpass has of your site is of the hacked files, and not your original site. But, they may have something that they can reload onto your account... though it may cost you a fee because it is clearly stated that it is the users responsibility to keep a current back up of their site. You should check your .htaccess to make sure that there are no changes in it that the individual made, and delete all of their files. After that you should reupload your own backup, and then they should be intact. __________________

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)