Ok, you maybe noticed the downtime of my webpage and maybe you also were confused that you only were able to find my weblog on my homepage, but my ISP was hacked by a hacker group called “Spykids Group”. I spoke with Kangaroo today and he told me that the group hacked into their webservers by using a security hole in PHP. Because of that they reinstalled their servers with a newer version of Plesk and RedHat Enterprise Linux.
Well, after they had the hard work done, I had to have a look at all of my files on my webpage, because they replaced all index* and log* files with their own files. Because comparing all the files would take to long time I decided to reinstall the complete content management system with it’s plugins and this task is finished right now. Currently I am thinking on how to do a automatical backup of my homepage (e.g. via Cronjob with Linux), but I am not yet sure which is the best way to do that. Anyway, let’s hope that this will never happen again.
Btw, this is the index.html file which they placed in nearly every directory:
Oct 092006