My php site was hacked by codes uploaded as image..?

Question

Yesterday my site was comprised. The attacker changes the index.php file to their own (with all their glory messages and greet). I\'ve notified the hosting company about thi

Answer 1

This may not be a vulnerability in your code. I had the same thing happen to me a few weeks ago. Although ALL my index.php files were removed, even ones not directly web accessible. In my case, it was a security hole in Linux. Not anything to do with my code. This was the reply from my hosting provider (A2Hosting), regarding the problem. Once I convinced them it wasn't anything I did, they figure things out pretty quickly.

"A recent exploit in the Linux kernel was used to grant administrative (root) access to users' directories on the server. The attack consisted of removing index files found in directories and replacing them with the attacker's desired content: A black web page with the attacker's code name, "iSKORPiTX (Turkish Hacker)". This hack was massive across the internet and used a previously unknown vulnerability, limiting our ability in preventing it."