Hi,
this seems odd, on Sat morning i got email from google and phishlabs.com saying that "A phishing site was found to be operating on your network"
I had a look in folder and yes there were php files uploaded to a folder "uploads" on my site, 'Uploads' was originally created by myself for catching online submit files (work related stuff)
I immediately got onto hosting company, tech guy on email support said he'd elevate it to engineer, that was Saturday, checked today and files still there, i rang them and they said that they hadn't removed as they prefer to keep these dodgy php files there but make them 'inactive' and that hacker would most likely upload again. I would had thought that if I make folder "non writable" or delete it (i believe it was set to 777 ) then i should be OK,
Does the Hosting company's stance on this make sense, I would have thought cleaning out would be the first thing to do - followed by checking folder permissions
thanks
this seems odd, on Sat morning i got email from google and phishlabs.com saying that "A phishing site was found to be operating on your network"
I had a look in folder and yes there were php files uploaded to a folder "uploads" on my site, 'Uploads' was originally created by myself for catching online submit files (work related stuff)
I immediately got onto hosting company, tech guy on email support said he'd elevate it to engineer, that was Saturday, checked today and files still there, i rang them and they said that they hadn't removed as they prefer to keep these dodgy php files there but make them 'inactive' and that hacker would most likely upload again. I would had thought that if I make folder "non writable" or delete it (i believe it was set to 777 ) then i should be OK,
Does the Hosting company's stance on this make sense, I would have thought cleaning out would be the first thing to do - followed by checking folder permissions
thanks
