You are invited to Log in or Register a free Frihost Account!

My website has been hacked

hi my frihost account was hacked by this person

their ip is:

is there anything you can do about this hes taken over my whole site i added him on msn but he didnt say much apart from frih host has no security so i dont think its just my site in danger i think this person is trying to take down frih host

Edit: i spoke to the person that hacked me and they unhacked me. but could the admin of this site please do something with my accounts security
I don't know much about frihosts security but I think its mainly up to you to secure your site. Make sure your password for DirectAdmin is very secure and all your FTP passwords are secure and your database passwords.

If your site is driven by PHP and MySql then its really up to you how secure it is. Make sure you never trust anything that a user inputs into an input field or an url they enter.
he said he got in via ftp and said no security but all my ftps have passwords
and what makes you feel like your account has been hacked? you can't login to Direct Admin or your site is giving errors or just because he told you so?

If you can't login to direct admin, try to reset your password using this link and see if it works.
the site is back now and 1st of all i noticed because they hacked my forum by editing my page and left details so i added them on msn and asked for it back then they took over the full thing i beleive they used this tool

also if you type the persons email in google you can see other sites they have hacked the persons email is at the top of this thread

suppose all i can do now is change every password i have and block the ip that this person used to gain access my site and i know its the persons ip because i have a stat tracker and i found it was turkish which if you put the guys email in google you can see that there based in turkey. so i will have to put a accsess block on this ip
You got it back using that password retrieval link?

Apart from changing passwords also make sure that you have given right permission for folder and files (CHMOD)
nope i just simply asked them so many times they gave me controll back. iv done a bit of resarch and found they could of got through my forum at least i think so. i just hope it doesnt happen again i was worrying like crazy i have a really bad headach now.

what do you suppose my chmod permision should be for my forum index its currently set to 777?
My site has been hacked to... can't open my forum which is my main page.

list of hacked site can be found at,com_attacks/Itemid,43/filter_defacer,Sonvurus.oRg

using the filter by domain, many frihosters are affected by this attack.
Waaaa ------ my site tooo

They put

hacked by KOL3R@=ilknur SONVURUS.ORG

in page

I checked out the page (it was a php page) and there were no modifications in that.
But there was a php code i used to track my web statistics - tracewatch

When I removed that code, it was fine ... main page

Actually, in my site they attacked through my site statistics php tracker.

I "unhacked" it , but please, someone tell me how to close the loopholes !!!!


It seems a lot of sites were hacked !!!!
cant we all fill out a report of what these people did and send it to there isp to try and get them banned from the internet i have their ip thanx to my site stats tracker. we should do something to act agains these hackers. i think they got through our data base passwords so keep our ftp passwords differnt to our database passwords

they sent me this page which i think is a web tool they used to hack our sql passwords

Edit: should we all team up and do something about this if so add me on my msn aswell. we must have enough proof to get these people taken down not like there just hacking to find out the workings of a computer system their destroying thousands of online business and your site to so we need to do something about it. we also need to work on loop holes in our sites and server settings.
just have to be more careful about the PHP scripts and mods you install on your site. if you got hacked there was probably a security problem with the forum script or whatever it was you were using. I would contact the makers of your forum scripts.
I can help about security if i start to get involed about it, for anyone who wants something for defence and not for attack becouse we might open a war then which is not neceserary at least at the time been...
Create a .htaccess file, and place the following in it.
RewriteEngine On
# Block
Deny from
Firstly, change your passwords! This is most important.

they sent me this page which i think is a web tool they used to hack our sql passwords

That's a security hole in PHP-Nuke. Upgrade your PHP-Nuke installation to the latest version immediately! If this is not possible, disable access to your website until it is fixed.
These hacks are not due to lack of security on FriHost, they're due to scripts with security holes in them. For anyone using PHP-Nuke, I'd suggest to remove it immediately!
This is the portal from where the turkish hackers came from


Windows Server 2003 Microsoft-IIS/6.0 13-May-2007 Internet Services
Linux Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.6 FrontPage/ mod_ssl/2.8.28 OpenSSL/0.9.7a 30-Apr-2007 Fevzicakmak Cad. No: 57 / 6 Osmangazi Bursa / TR
Linux Apache/2.0.46 (CentOS) 30-Mar-2007 Gigabitweb Dedicated Servers Network
Windows Server 2003 Microsoft-IIS/6.0 10-Mar-2007 Internet Services
Linux Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.5 FrontPage/ mod_ssl/2.8.28 OpenSSL/0.9.7a 25-Feb-2007 Nixcon Networks Inc.
Linux Apache 17-Feb-2007 Nixcon Networks Inc.
Windows Server 2003 Microsoft-IIS/6.0 11-Feb-2007 Nixcon Networks Inc.


Team: | Zorbey | Delpi | Axel | Kamashira | K!Ko | Albert | |Kol3r@|
Has there been any news on the process of this report you've made.
I cant find their site on the net i think the report was affective.....
I dont want to start a war i have better things to do with my time or i will attack when i am prepared to be invsible from counterattacks...

Try my site it has a link to a powerfull IDS... more in the fututre
i dont think attacking will be a very good thing especialy if it can cause wars. its best just to report them as much as we can to make sure they get caught for their hacking
my site has been safe for 2 weeks now since the hackers attacked is everyone else ok. if your fihhost website has been hacked please post it in here. also any news on the hackers?
Mine looks ok ... But not sire if the hackers opened some backdoor anywhere ...

My site is and I think some files went missing , but probably it is server 2 's fault ...

Was only server 2 attacked ? Maybe it was one of those hackers' scripts that is slowing server 2 down ? Maybe they planted more scripts in the sites of innocent users ?

I used a backup to an older date, so I guess everyone on server 2 can do that to flush out the hacker's scripts if there are any ...

Or just go through all the files and kill off anything suspicious - check your htaccess, index.php and all the default error pages for malicious code ... Cool
yep make sure you use secure passwords... for example i use passwords like this... hgf543 it is quite secure and not many people can guess that.
and i change my password regularly
ans no that password i don't use for frihost... or anything... made it up on the spot!
If you need a good way to create secure passwords (like the mumbo-jumbo letters and numbers ones for DirectAdmin), try this applet:

It works well for me.
andy26 wrote:
nope i just simply asked them so many times they gave me controll back. iv done a bit of resarch and found they could of got through my forum at least i think so. i just hope it doesnt happen again i was worrying like crazy i have a really bad headach now.

what do you suppose my chmod permision should be for my forum index its currently set to 777?

that would explain why he said no security in your FTP.. if you have it set to 777 ANYONE can write to them... I could even go and write something to your site if i wanted to know.. you should really try setting your folders to 755.
Related topics
Google Hacked?
How To : Secure Your PHP Website
Website: Unknown!
A Virgins Plea
No website is secure from this man
web site hacked, need help deleting files
Dzial ogloszen
Forums hacked
Website security.
My Joomla Site Hacked
SEGA website hacked
The internet is so UNsecure!
Is my Website hacked ? :O Urgent !!! Please Tell me !!!
Reply to topic    Frihost Forum Index -> Support and Web Hosting -> Frihost Support

© 2005-2011 Frihost, forums powered by phpBB.