It happens to the best of us, and it happened to me. I’ve run the Linuxlaboratory.org domain for about 5 years I guess or something like that. I’ve overhauled the site a number of times to improve the look, usability, and maintainability of the site. Over the course of the past few years, I’ve tried tons of content management solutions (CMSes), the most recent (er, before today) being PHPX. I hate pretty much all content management solutions, and PHPX was no different. So today I went to take a look at my site just so I could see what I needed to save before I blew the site away again to make way for yet another CMS system. Lo and behold, I had been hacked.
This guy was kind of a prick. He could’ve hung out there, undetected by me, for some time, because I had recently disabled the monitoring for the site (ie, the stuff that lets me know that new stuff has been uploaded or that something has changed). It would appear that his goal was to hang on to the shell on the web site, because he had uploaded a crapload of software that he presumably wanted to use. But nooooooo. He had to go and totally replace my index.html file, so when you go to the site, it’s clearly defaced.
Well, I took the opportunity to go ahead and blow the whole site away and start over, changed all of my passwords, zipped up all of the old files and moved them offsite, uploaded a new system (called mediawiki), and had it set up and locked down in all of about 20 minutes. Hopefully, this system will serve me for at least a couple of years, which would be a record for any CMS.