2
I have a fairly popular gaming site that generates a decent amount of traffic. About 3 days ago I logged in to update the news and I noticed that someone had hacked in and was in the prosses of changing all my front page news posts to racial slurs and gay porn. He had already deleted all the forum posts and sent out a mass e-mail to all my registerd members (about 3,500) The e-mail was very hate oriented. The guy that hacked in clamed to be a member of myg0t. I shut down my vps to prevent any more damage. I did not have a recent backup of the MySQL database so I had to roll back the forums to a version over 2 months old.
My question is: How easy was it for him to hack into my page?
Is there anything that I can do to try and prevent a future attack?
I had the mainfile.php and admin.php files permissions set to 644, I have now changed them to 444.
I don't know about hacking so i'm not sure how he got into my site or how I can try and prevent him or somebody else from hacking in. I'm afraid to bring the page back online untill I can get the page secured. any help will be greatly appreciated.
Thank you.
