Share this question

Welcome to Teachnovice Q&A, where you can ask questions and receive answers from other members of the community.

This is a collaboratively edited question and answer site for computer enthusiasts and power users. It's 100% free, no registration required.

How to protect website from malicious scripts?

0 like 0 dislike
216 views

Two day ago my website was banned by all browsers because there were some malicious script at the very top of my index.php file. I have no idea where this script came from. Removed it several times but it appears again after several hours. I have already contacted my hosting provider and the only advice from them was to change the password. Although that didn't solve the problem. Any ideas?

asked Feb 27, 2012 by anonymous  
This could be anything. There are a million different places where you may have an exploitable security hole.

2 Answers

0 like 0 dislike

 

You have most likely been hacked. Somebody found a little backdoor in your php scripts which he exploited to gain access to your files.

I suggest as a first step you read the very basic documentation here: php security manual and then continue with other resources on the internet. Php security is not to be taken lightly as it can compromise your whole website (as it is your case)

answered Feb 27, 2012 by anonymous  
0 like 0 dislike
Of course that could be anything. One thing that no one probably will say here but it might be the case, is that you might be using Total Commander to update index.php and you have checked "remember password". There used to be a security whole in this program and it happened to me many years (like 4) ago that my index.php files were infected with iframe due to this.
answered Feb 27, 2012 by anonymous  
...