View Poll Results: Has your website ever been hacked or attacked?

Voters
51. You may not vote on this poll
  • No, never.

    15 29.41%
  • Yes, but the damage was minimal and it just took a few minutes to fix.

    8 15.69%
  • Yes, and it took an hour or two to fix.

    5 9.80%
  • Yes, and it took up to a day to fix.

    3 5.88%
  • Yes, and it took more than a day and less than a week to fix.

    12 23.53%
  • Yes, and it took more than a week to fix.

    5 9.80%
  • Yes, and I gave up on the site that was hacked or attacked.

    3 5.88%
Page 1 of 2 12 LastLast
Results 1 to 20 of 27
  1. #1
    MichaelCorfman's Avatar
    MichaelCorfman is online now GPWA Executive Director
    Join Date
    June 2004
    Location
    Newton, MA
    Posts
    4,116
    Thanks
    838
    Thanked 5,232 Times in 1,693 Posts

    Question Has your website ever been hacked or attacked?

    I've heard some horror stories over the years about websites being hacked or attacked. Certainly members here have shared stories.

    Have your sites ever been hacked? Or attacked?

    If so, what was involved in recovering? Was it easy or hard?

    Share your experiences, and what you learned in the process, with your fellow webmasters here.

    Michael
    GPWA Executive Director, Casino City CEO, Friend to the Village Idiot

    Resources for Affiliates: iGamingDirectory.com, iGamingAffiliatePrograms.com, GamingMeets.com

  2. #2
    michael1981 is offline Public Member
    Join Date
    April 2011
    Location
    Australia
    Posts
    321
    Thanks
    16
    Thanked 60 Times in 48 Posts

    Default

    I once had a website hacked about 2 years ago. Someone managed to hack my shared hosting reseller server and redirected my traffic to a malicious attack site. It was really quite shocking, and I had no idea what was going on.

    At first I thought my computer had a virus, until I saw the same thing happening on my friends computer. It only happened when I clicked on my website after searching for it in Google for certain keywords, and it only seemed to happen with Firefox as well. It was very hard to detect since I never usually click on my own website after searching for it in Google. It took about a day to fix, just a matter of upgrading to a better hosting service

  3. #3
    dfiocch's Avatar
    dfiocch is offline Private Member
    Join Date
    September 2006
    Posts
    878
    Thanks
    789
    Thanked 567 Times in 350 Posts

    Default

    Yes, my site was hacked one year ago by a Chinese hacker. It was very easy to recover it because it was "only" a php script injection (about two hours to recover all).

  4. #4
    baldidiot is online now Private Member
    Join Date
    January 2010
    Posts
    4,253
    Thanks
    403
    Thanked 1,948 Times in 1,280 Posts

    Default

    The only damage to one my sites was by my host who managed to screw up my VPS so badly it had to be deleted and restored from backups. Who needs hackers when you have incompetent providers!
    onlinegamblingwebsites.com - Formally known as goodbonusguide.
    baldidiot.net - Baldys affiliate blog. Will get updated one day. Maybe.

  5. #5
    robertmedl's Avatar
    robertmedl is offline Private Member
    Join Date
    February 2006
    Location
    Loveland, OH
    Posts
    450
    Thanks
    83
    Thanked 128 Times in 93 Posts

    Default

    A couple of years ago, someone hacked my blog such that the keywords that Google identified for my blog were online pharma keywords, e.g. viagra, etc. I never figured how they did it, but I'm not too skilled in that area. It took me several days to reconstruct my blog entries to remove all the offending content and then several weeks before my intended keywords were correctly identified by Google.

  6. #6
    slotplayer is offline Private Member
    Join Date
    September 2006
    Posts
    1,038
    Thanks
    194
    Thanked 323 Times in 252 Posts

    Default

    yes in 2008. I had my FTP pane open and could see the malcode migrate to each file as the last modified date would change, one file after another. It inserted some javscript code at the bottom of each page. It wasn't that hard to remove.

    I'm not sure if my local system got infected and I uploaded an infected file or they got in to the FTP program or host provider.

    The last modified date is a quick and easy way of checking if something is amiss.

  7. #7
    felku's Avatar
    felku is offline Public Member
    Join Date
    May 2011
    Posts
    254
    Thanks
    1
    Thanked 15 Times in 12 Posts

    Default

    My question those who were hacked, you were ranking good in Serps?

  8. #8
    dfiocch's Avatar
    dfiocch is offline Private Member
    Join Date
    September 2006
    Posts
    878
    Thanks
    789
    Thanked 567 Times in 350 Posts

    Default

    Quote Originally Posted by felku View Post
    My question those who were hacked, you were ranking good in Serps?
    Yes. First page for a lot of keywords.

  9. #9
    felku's Avatar
    felku is offline Public Member
    Join Date
    May 2011
    Posts
    254
    Thanks
    1
    Thanked 15 Times in 12 Posts

    Default

    ok, it can be that maybe it was the competition. There is a way to prevent this things? I'm new in this and I notice that when you reach some position you get a lot of attention especially for the competition.

  10. #10
    dfiocch's Avatar
    dfiocch is offline Private Member
    Join Date
    September 2006
    Posts
    878
    Thanks
    789
    Thanked 567 Times in 350 Posts

    Default

    Quote Originally Posted by felku View Post
    ok, it can be that maybe it was the competition. There is a way to prevent this things? I'm new in this and I notice that when you reach some position you get a lot of attention especially for the competition.
    Set a very strong password for all your www accounts (hosting,FTP,root access etc...).
    Set up a firewall for your hosting account (contact your hosting company. If you're on a dedicated or VPS, you can setup it yourself). A firewall can help you to prevent hacking attacks and blocking malicious IPs.
    Set up a very strong password for all your POP3 accounts (email). All common attacks come from POP3 bugs.
    Set up a "dedicated" IP for your site.
    Set up correctly your .htaccess or htaccess.txt (if you are on Apache server) to block a lot of common exploits (just search on Google).

    Just some "basics" rules.
    Hope can help.

  11. #11
    felku's Avatar
    felku is offline Public Member
    Join Date
    May 2011
    Posts
    254
    Thanks
    1
    Thanked 15 Times in 12 Posts

    Default

    Great advice, thanks. Now I'm convince that I will change to VPS.

  12. #12
    allfreechips's Avatar
    allfreechips is offline Private Member
    Join Date
    August 2010
    Location
    Ohio - The taxing state
    Posts
    1,077
    Thanks
    136
    Thanked 621 Times in 367 Posts

    Default

    I got hacked, and that led to some acess to email for the hostin company, in turn led to them getting access to passwords (I hate places that send you the actual password via email) and they transfered 4 of my domains to another registrar. Now, this went un noticed for some time as all my sites are managed from my cms online, and of course i never noticed any change as they did not change content for 5 months, then they changes some aff accounts. This was a hassle but i fixed it and closed the orig hole i had. Now when i fixed the hole via ftp, the changes were not taling effect on the website. So after goining nuts i found they finally moved the server to a new host, totally intact. except i had no more ownership.

    This went on for 6 months of me contacting ICANN and all the registrars and hosts involved. All they said was you transfered the domain there not much we can do!

    Imaging all your work being out of your control! not until I was actually able to contact the new "owner" in Vietnam did I arrange to get the domains back after discussing the inrest Interpol had with my case.

    I still get sick thinking of these times, so one lesson is to monitor your registrars and I actually made it so they neeed a voice password to change any info anymore.
    Allfreechips online casino guide offers online casino reviews from our members. Also our exclusive No Deposit casino bonuses are always up to date. See the latest slot machine reviews at Hotslot and exclusive no deposit casino bonuses as well with a good dose of daily online gambling news to learn about pokies

  13. #13
    felku's Avatar
    felku is offline Public Member
    Join Date
    May 2011
    Posts
    254
    Thanks
    1
    Thanked 15 Times in 12 Posts

    Default

    Wow, thanks for sharing your experience.

  14. #14
    rak's Avatar
    rak
    rak is offline Former AM
    Join Date
    January 2011
    Location
    Philippines
    Posts
    1,123
    Thanks
    250
    Thanked 334 Times in 258 Posts

    Default

    I got hacked because I didnt update my software. The forum software kept timing out when I tried to update it. It got hacked, files were being uploaded and used as a warez link site, bandwidth through the roof, bill went sky rocketing, forum was being pulled apart... took a week to get back under control.

    2 months later.. again. Same thing. I dumped the forum software and never recovered.

  15. #15
    padovan is offline Private Member
    Join Date
    August 2011
    Location
    Whitby, Ontario, Canada
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    We got hacked before but they just put some movies on the server so they were easy enough to remove and we fixed the security problem right away.
    on-linecasinobonus.net - if you want the best bonuses
    free-slotgames.com - if you just want to play for free
    on-linecasino.hu - find the best online casinos for Hungary
    casinovilag.hu - casino guide in Hungarian

  16. #16
    Leo's Avatar
    Leo
    Leo is offline Private Member
    Join Date
    December 2008
    Posts
    137
    Thanks
    80
    Thanked 40 Times in 32 Posts

    Default

    I have had hackers enter sites a few times, mostly through php scripts that weren't fully secure.

    If you're using a VPS or server with cPanel then I recommend using the software from configserver.com - they have a few good products including the firewall (free) and exploit scanner (one-time fee).

    Also if you do find that a hacker has managed to change something on your site then I highly recommend getting a professional to check the server thoroughly, because it's possible that a hidden backdoor has been placed and unless you're a security expert then you're not going to find it. Again, configserver.com has a service for this, which I have used and recommend. In fact whenever I get a new VPS the first thing I do is hire them to install all their security software and change the server settings to be more secure, it costs $100 which is a one-time fee, and their software keeps updating itself constantly.

    Yes I sound like an ad for configserver.com but it's because all my servers rely on them, I haven't had any security problems since using their software, and I recommend them to everybody. But since this does all sound tooooo positive, I'll add a negative - their support people can be a bit arrogant at times - but I give them a free pass because they're good at their jobs

  17. #17
    32x's Avatar
    32x
    32x is offline Public Member
    Join Date
    October 2009
    Location
    Here
    Posts
    54
    Thanks
    40
    Thanked 9 Times in 7 Posts

    Default

    About a year or two ago, I had a blog that was not protected by my Unix framework. It was a Wordpress site that came free with my hosting package. Well, someone hacked it and I was so frustrated that I just did put anything on it again until just recently. It is now a Google blog and I am happier with it, so far..

    I also seem to remember having a few pages hacked, and some ads were embedded into my homepage, before I switched to Unix.

  18. #18
    Join Date
    March 2006
    Location
    Costa Rica
    Posts
    2,092
    Thanks
    140
    Thanked 171 Times in 119 Posts

    Default

    Yes, It's still not funny. Someone hacked into my server (affiliate site) and changed the .htaccess file to redirect all of the inner pages to an animal porn site. So clicked on a keyword term in google they are expecting something related to live games, they are given a huge donkey phallus. Nice and classy. I was fortunate that I wasn't banned from google on that site. I quickly learned a lot about proper server configuration. Since then there have been attempts, but so far no one has breached the security.

  19. #19
    lots0 is offline Former Public Member
    Join Date
    November 2003
    Posts
    886
    Blog Entries
    1
    Thanks
    299
    Thanked 571 Times in 251 Posts

    Default

    We had an employee(remote tech) of our hosting company inserting redirects, not to pics of donkey dicks, but to his own aff accounts. Cost us a bundle.

    The redirects were well hidden and I hate to say it, well written htaccess files. He was smart enough to take only a percentage of all our click throughs and to cover his tracks well.

    Once we figured out we were hacked (I stumbled across one of his redirects by accident).
    the thief of course knew we found him out, he worked as a 'security' consultant.

    Once he knew we were closing in on him, he started making injection attacks in an attempt to cover his tracks. When that didn't work... the SOB made a hell of an effort to screw us by deleting all our db's.... multiple redundant backups.. don't go anywhere with out them.
    Last edited by lots0; 28 September 2011 at 2:43 am.

  20. #20
    davemerry's Avatar
    davemerry is offline Public Member
    Join Date
    June 2010
    Location
    London
    Posts
    751
    Thanks
    332
    Thanked 229 Times in 181 Posts

    Default

    Quote Originally Posted by lots0 View Post
    We had an employee(remote tech) of our hosting company inserting redirects, not to pics of donkey dicks, but to his own aff accounts. Cost us a bundle.

    The redirects were well hidden and I hate to say it, well written htaccess files. He was smart enough to take only a percentage of all our click throughs and to cover his tracks well.

    Once we figured out we were hacked (I stumbled across one of his redirects by accident).
    the thief of course knew we found him out, he worked as a 'security' consultant.

    Once he knew we were closing in on him, he started making injection attacks in an attempt to cover his tracks. When that didn't work... the SOB made a hell of an effort to screw us by deleting all our db's.... multiple redundant backups.. don't go anywhere with out them.
    Bloody hell, that is crazy. Do you know what happened to the employee?

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •