-2

Possible Duplicate:
My server's been hacked EMERGENCY

I did a php script my self for a digital shop store but a hacker is hacking it again and again. He is copying some php and javascript files to my host. He is also editing my index files by placing javascript codes to each index file.

So please tell me which security issues should I check to stop it? I have no folder or file with 777 chmod.

Community
  • 1
user1465810
  • 1

1 Answers1

2

Follow best practices. Just not having a 777 on a file will prevent someone from hacking in.

Take your server offline and follow best practices.

  • Is your OS up-to-date?
  • Is your PHP up-to-date? PHP is notorious for security issues.
  • Have you scanned your application for vulnerabilities. Google will help you with plenty tools to do this
  • Remove unneeded services and accounts
  • Change your passwords regularly and ensure they are strong
  • Audit your entire code
  • Secure SSH / Apache, your database and PHP

Just to be sure, take a backup of your configuration and code and re-install the server and follow best practices.

A quick search will help you with best practices, securing OS and your application stack.

Chida
  • 2,531