Quote:
Originally Posted by Twig
Was it hacked via the software being used on the site(wordpress,joomla,whatever) and if so what was it the client was using?
|
That I do not know, and it has not been figured out yet. The host is supposedly running some kinda trace program to see what information they can find out.
My best guess based on the information provided is,.... the server was compromised either by my client, or one of the sites he is hosting for other people. He apparently is selling off some of his additional space, like a hosting company, and hosting his pard's.
So it could be an the client, or my guess is, one of his pard's could have compromised the server somehow. Either way, glad it was just an index swap.
I told him he either needs to pay for the back up, or RAID, or something to back shit up, and obviously do something else about passwords, and being easily compromised moving forward.
In the end, it could have been a lot worse for him and his pals on the server then it turned out to be.