Hi,

Your website could have been brute forced, exploited or generally logged into. I'd advise you to check email, ftp and database accounts for any suspicious users and change all passwords as a security measure.

Thanks Dan I'll do that...

Security is one of the topics I need to understand more. I suppose there must be a tutorial or something in the knowledge base, I'll have to go and have a look.

Sorry to hear about that hmcm2006

Passwords are one of the worst problems when it comes to security measures, generally, as people tend to pick something that's easy to remember, but at the same time it makes it easily guessable, especially via the brute force dictionary attacks that Dan mentioned.

As Dan said the best course of action is to check all possible accounts, to make sure only the ones you setup are there, and as a security measure change all of the passwords.

Often overlooked, I would also severely recommend scanning any computers that have access to the site with an up to date virus scanner, as there are some rather nasty trojans around at the moment that can track the likes of ftp logins, which send the data back to the creators, and they can gain access to your site that way. This is one of the ways <iframe> injections have been made possible recently.

@ hmcm2006 : we are glad to know that your issue has been fixed and website is working fine now

Yeah, easy to guess passwords are real culprits which may get hacked if our machine gets compromised hence its always recommended to have powerful, updated antivirus on our machine / server which will ensure security from such threats.

iframe are getting worst, millions of websites have been adversely affected by <iframe> injections... as saying goes " Prevention is better then Cure " hence we should always scan our machine and should avoid unnecessary downloads

iframe injections are usually done through ftp accounts so you should keep difficult to guess FTP passwords. Also you can request your webhosting service provider to upgrade kernel on your server for better security.

Good morning,

I recently sent my passwords for RDP and Plesk to [email protected] by mistake.

I only realised this after not getting a reply.

I notice that this domain has been bought but may be available, snap it up.

Bye

Ian

Hi Ian,

Please reset the passwords and make sure the passwords are complicated.

Webhosting.co.uk is registered since 1996, and is used by Express Hosting provider.

Thanks Ian I will start working on it.