As you may know , several Coptic websites have been hacked including that of CopticPope.org
I am a software developer/PM , not web hosting security expert, but I need information on this attack type and how to prevent it.
I've already advised the church to turn off CopticPope completely and stick to Coptic World.org for safety measures.
Can the IT security experts amongst you just PM me or tell us the configuration modifications we need in order prevent this. The problem is we are concerned that rather than post an Islamic banner, as they have done, they hijack our sites completely. This would be lethal.
They are already spreading false rumors as fliers in alexandria.
If u know anyone who is a web security expert, please ask them to contact us.
The most they got to is to replace the index.html file. How? Surely you need FTP access to do this incl username and password??
Comments
Hence, somehow the index.html or an alias to it, was changed.
Perhaps they are using SQL, but the site didnt look like it had a CMS installed.
Thank you
No, it was not a DDoS attack. The website's front page had an Islamic Banner on it.
Hence, somehow the index.html or an alias to it, was changed.
Perhaps they are using SQL, but the site didnt look like it had a CMS installed.
Thank you
Oh, I didn't actually see the results of the attack I just found out when the admins suspended the site. That's alarming, but it isn't new, this same type of attack has been going on for a while now and this is like the 8th coptic site to go down like this.
I don't know how they inserted their own index.html other than them brute-forcing the ftp login, but that seems very unlikely, they could have sent them a rat or something to steal that info.