PHP Forum

**recedo** · 12-21-2005, 02:42 PM

Hi,

I got home from work this morning to find that my index.php had been 'hacked' and replaced with a load of junk.

The original code was in a file called something like 'localdata.php' and was all intact.

All that was in the php was a redirect header to redirect to a sub-dir, which was all still there and had no problems.

Just wondering if anyone can shed any light on what they think happened and more importantly how to stop it happening again. Is it something I can do or will it be down to my host? I use a VPS with 'Power VPS' who have been very good.

Is there any way I can protect the code, it's literally 2 lines but it's not nice to see your index page trashed!

TIA
Simon

**Harvey** · 12-21-2005, 03:45 PM

Would be easier to say with a reference - unlucky mate I know the feeling :-(

**recedo** · 12-21-2005, 03:57 PM

Well, the site is http://www.notsounknown.co.uk. The index.php page only contains this code;

PHP Code:


			
<?
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://www.notsounknown.co.uk/nsu");
exit();
?>

I have not kept the code that was left when it had been 'hacked'. I say 'hacked' becuase I'm not sure if it was hacked or if it was just some sort of server problem. One of my users emailed me to tell me that the site had a message saying that it had been hacked, when I visited it there was no message, just a load of junk characters.

Everything is back to normal now, I just want to make sure I'm protected in the future. I'm trying to figure out what backup options I have with CPX. I usually only backup to my local machine once a month or so as the site is quite large.

Simon