You are not logged in. Please login or register.
Showkase Support Forum → Showkase Support → website was hacked
Im using showkase.net, and have uploaded the files to my host.. Recently it was hacked.. Has anyone run into this before? Im using showkase right out of the box.. Is there a firewall or default thing I need to install before using, or one that will work with Showkase??
Thank you
John
What exactly happened to your site?
Were files deleted? Were Showkase pages changed? Do you have any other files on your web space (not related to Showkase) that were affected in some way?
Without knowing all the details, it is difficult to know exactly what happened.
It is possible that it was your web hosting account itself (rather than your Showkase site specifically) that was compromised.
If this is the case, then it is possible that other sites on the same web host were also affected. You could try contacting your web host to ask them if there was a recent security breach (though they may be reluctant to divulge such information if they did experience such a problem).
The best advice I can give is to use strong passwords (long passwords with a mixture of uppercase and lowercase letters, numbers and punctuation) and that you use a different password for each and every service you use.
Even if a password is stored on a web server in an encrypted form, there is a possibility that it can be discovered if it is just a common word. For example, if your password for a service is 'Password1' and it is stored on a web server as a SHA1 hash, then if someone somehow got hold of this hashed password (which in itself may not be easy), all they would see is the text '70ccd9007338d6d81dd3b6271621b9cf9a97ea00'. However, because 'Password1' is a very weak password and is probably used quite often, there is a record of its hashes on the internet (see Rainbow tables for more information) and a simple web search of '70ccd9007338d6d81dd3b6271621b9cf9a97ea00' reveals that it is the SHA1 hash for the text 'Password1'. The more obscure your password is, the less likely it is that the internet will have a record of its hash (and that it can be found on Google) and the less likely it is to be discovered by a brute-force attack.
I do not know how your web host handles the storing of its own passwords but Showkase uses a more secure method than just hashing a password. A salt is also used so I think it is very unlikely that someone discovered your Showkase password and hacked your web site this way.
Hi
My site was redirected to another site. I had a few files that were there to begin with when I purchased my doman name. During that time I could login to showkase and everything looked to be ok.. but going back to the main page it was redirected to some "We are watching you" site. Wild!
Anyway.. they backed up my website and Ive gone in and have started over.. I just downloaded the new version of showkase and Im waiting on the server to update to I can get back to editing my showkase.
I definitely will have to create a super tough password, which is first thing on my list.
Thank you for the feeback and advice
John
It certainly sounds like it was your web hosting account which was hacked rather than your Showkase site specifically.
Use strong passwords and change all the passwords which were associated with your web hosting account (web page login, FTP, databases, etc.).
Showkase Support Forum → Showkase Support → website was hacked
Powered by PunBB, supported by Informer Technologies, Inc.