Not sure the best place to post this - hope this is it.

I've been told that the reason for my site being hacked is the insecure FTP application I was using - originally AdobeGoLive because it was easy and then Dreamweaver, again because it was easy.

It's been recommended that I use FileZilla instead as they enable me to upload using FTPS instead of the usual FTP.

Does anyone have any advice on this topic? I'm wary about downloading another application for obvious reasons.

Hope you can help.

Odd.

It's usually not the client software that is the fault in these cases, but rather the server software. Your FTP server logs should confirm whether or not it was the problem. It could be something as simple as a successful brute-force attack.

If you can, disable the FTP (etc/inetd.conf) service altogether in favor of SFTP. Same thing goes for telnet/rlogin in favor of SSH.

Thanks for the reply, Chris.

I was attempting to connect using SFTP - but IX Webhosting do not support that but support instead FTPS which they've introduced AUGUST 27. Dreamweaver does not give me the option to make this a FTP upload preference - which is why FileZilla was suggested.

Quote:

Originally Posted by anchorjack

I've been told that the reason for my site being hacked is the insecure FTP application I was using - originally AdobeGoLive...

Somethin' fishy here. Still trying to figure out how your choice of FTP clients caused your web site to get hacked. Did your web host tell you this?

Well I thought there's something fishy here too.

I was in the process of uploading 6000 pages to the site which took a huge amount of time about 72 hours non stop and the site was hacked the very next day. The other sites (much smaller and no updates) were not affected.

Odd too as I am working on a MAC and am not used to dealing with these issues.

The site was hacked again - inserting one line of code opening an invisible iframe in the <body> tag each time I uploaded to the site. Since changed the passwords and no new hacking - but I daren't upload anything to the site again.

Hence the questions about secure ways of using FTP.

Mac or no mac, you should be using anti-virus software. Sounds like they believe the problem is a man-in-the-middle attack. Not exactly a common problem for your typical developer, though who knows the viruses are doing these days...

If the entire site is static content, I guess run an anti-virus program and change all of your account passwords. If not, I'd be more inclined to believe it's a script of some sort causing the problems.

Got a link to the compromised page?

Wow - appreciate your input.

To be honest - showing my ignorance - I had no idea I had to be running anti-virus software on a MAC

The site (now apparently clean of malicious code) is http://www.traveltidingsusa.com

The 6000 pages I upload each month are created using a page generator from IHS Advantage for hotel booking pages and I have wondered if there is some script in that page generator that has caused the problems. The site is on it's last legs before we revamp it entirely - it's old and tired and needs re-doing and I am thinking to scrap the hotel part of it all together. Before I started the hotel generated pages we were at a rank of 6 - dropped steadily since then to 2.

IHS Advantage insisted it has nothing to do with that - and I was reluctant to stop it - the revenue wasn't bad for while - but maybe it's time to start again.

Thanks for your advice Chris. Really do appreciate your taking the time.

Cheers,
Kevin

Update - and supporting Chris's suspiscion that the problem is to do with the server - I amfinding more evidence on the net that IXWebhosting has a history of hacking in recent months. I can't think of anything else that could be the problem - and FTP does not seem to be it!