13 years 3 months ago
Yesterday afternoon my entire hosting account with HostGator was hacked, new index.html and index.php files with the Turkish flag and music playing were placed into over 20 websites. It was a big shock. I was able to restore everything quickly by simply replacing the index.php with the original Joomla index.php.
HostGator claims they broke in through the admin in an older install of wordpress I have and then obtained access to my entire hosting account, I am going to be moving that wordpress site into its own little account somewhere because I cannot upgrade the install without breaking the whole site with the shopping cart plugin (this was before I found joomla!), and this kind of vulnerability is not fun!
A question: can hackers get into my whole hosting account through Joomla too? I have taken the small steps of changing the default admin login, database prefix, SEF url, and akeeba backups stored on my hard drive and on dvd but this could turn into a nightmare if it gets repeated on a heavier scale. Any thoughts? Thanks, Carin