[Solved] Hacked!

[monkey]

Hi HelterSkelter,

Many thanks for this you're a star. Just a few things I'd like your advice on please.

Firstly, typing in http://www.twitchythumbs.co.uk takes me to an error screen, but typing in http://www.twitchythumbs.co.uk/integra takes me not to the home page, but to the Forum page, could you please let me know what changes I would need to make in order for users to use http://www.twitchythumbs.co.uk to take them to the main portal page?

Secondly and more importantly, how can I check to ensure that we are 'secure' against any further hacks?

Lastly, is there an easy way to make a backup of all the files, without having to manually copy and them all from the FTP site to my drive incase of any future hacking attemps?

Thank you once again for your help, most appreciated.

Steve

[Stevey1976]

Hi HelterSkelter,

Many thanks for this you're a star. Just a few things I'd like your advice on please.

Firstly, typing in http://www.twitchythumbs.co.uk takes me to an error screen, but typing in http://www.twitchythumbs.co.uk/integra takes me not to the home page, but to the Forum page, could you please let me know what changes I would need to make in order for users to use http://www.twitchythumbs.co.uk to take them to the main portal page?

Secondly and more importantly, how can I check to ensure that we are 'secure' against any further hacks?

Lastly, is there an easy way to make a backup of all the files, without having to manually copy and them all from the FTP site to my drive incase of any future hacking attemps?

Thank you once again for your help, most appreciated.

Steve

Hi HelterSkelter,

Please don't worry about my first point, I'd forgotten this had been answered by FoundIt earlier in the post, so I've put an index file in the root of the ftp site and pointed it too http://www.twitchythumbs.co.uk/integra/portal.php, however if you could still point me in the right direction with regard to the other queries that would be fab.

[Stevey1976]

Has your config file changed ..... if it has upload a new one with your database details etc and chmod it to 644....

if it was left at 666 that is how they got in... did it to me a year ago... upload a new index.php file as well then go from there...

let us know

Hi FoundIt,

Please can you provide me with info on this chmod 644, namely what it is and how I do it?

Thank you.

[found it]

Has your config file changed ..... if it has upload a new one with your database details etc and chmod it to 644....

if it was left at 666 that is how they got in... did it to me a year ago... upload a new index.php file as well then go from there...

let us know

Hi FoundIt,

Please can you provide me with info on this chmod 644, namely what it is and how I do it?

Thank you.

Hi

When ever you upload files to a server (apache not windows) certain files need to have write permissions set so the file or folder can change with information that you place on your site...

When installing IntegraMOD there is an install guide that explains which files need chmodding....

I use ftp to upload my files using ipswitch software to do it..... for me I right click the folder or file and select properties there I am able to change the chmod for it....

Also in file manager on cpanel you are able to change the write permissions for files and folders...

after installing an Integramod site or phpBB the config file should be changed from 666 to 644 so then it is secure from being written over....

I hope that helps a bit...

[Stevey1976]

Hi FoundIt,

Many thanks, I've checked the config.php file and the one currently there is set to 644, I cannot say if that was the same for the original config.php which got hacked but hopefully that should be okay. Are there any security checks that I can make to ensure the site is fully protected?