5 days have passed since I last migrat my-collectible-gift to be server based. And by 10/5, my site is being hacked by a self-proclaimed x2Fusion hacker!!

Fortunately, there isn’t much valuable information on my-collectible-gift yet. Unfortunately, all my information has been wiped out! Though the information that I upload are very minimum and not very confidential, it took me weeks to just manage to get them up and running! Weeks of work, and within a minute; all my data gone!!!

Liased with Tdothost.com, the webhost that I have registered for and quite a shock to learn from them that their billing system has been hacked too!

Contacted our mentor, Alvin Phang and he mentioned that the service of Tdothost is not as up-to-standard as before.

I have also requested from Tdothost for a detailed explanation of what’s the cause and how best to prevent hacker in the future.

Below an extract of Tdothost’s reply:

My site’s billing system was hacked too.
I requested a restore for your site.

There are many ways for hacker to gain control of a site.
For example, he may have hacked the cPanel OR FTP password for your domain, or better yet, the
hacker may go after a known vulnerability in a php script (i.e. wordpress or a wordpress plugin).

There is little anyone can do for a site or server that is already hacked, but I
can help offer some advise to prevent it in the future.
- Make sure you use the latest versions of any software or plugin you use.
- Make sure you always change your passwords ( cpaned, ftp, email, ….)
- Make sure no one knows your password

Tags: business