How did another default file appear in our server?

Asked by:
canfmach / 30 Points
Time:
2013-07-22 3:42 pm EST
Category:
Website
Hits:
377
Two days ago I went to our homepage expecting to see the normal "under construction" screen. Instead, a black white page loaded. When I right-clicked to view the page source, I was shown an empty file with two blank lines.

After logging into webhostinghub and using the file manager, I saw that in addition to our usual "default.html" (which still had its normal contents) we had a new file called "default.htm" which was empty. By deleting this file, I was able to restore the homepage to its expected appearance.

Any suggestions as to how this may have happened would be appreciated.

To ask this user for more information, please first login.

To submit an answer, please login.

Best answer chosen by User

1

johnpaulb-whh2
Staff
12,339 Points
2013-07-22 5:41 pm EST
Hello canfmach,

Thank you for your question. I understand your concern, as i would also be concerned if a file was modified without my permission. I honestly don't know how the default file appeared in your account.

I performed a security scan of your site using the free Sucuri Sitescan website, and determined the version of Wordpress you are running is outdated.

This absolutely opens your website up to being compromised, as the older versions of Wordpress have known security weaknesses.

It is extremely important to keep your CMS (Wordpress), and all Themes and Plugins up to date.

Here is a full list of the vulnerabilities that are fixed in the latest Version of Wordpress.

Also, we have a full article that explains the steps to take if your website is hacked.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul

To submit a comment on this answer, please first login.

Thanks for your help, but to my knowledge I am not using any plugins, themes, or even wordpress. All files on the site have been written by me from scratch. Is there still some sort of wordpress running in the background that I need to work with?
canfmach
30 Points

2013-07-22 5:53 pm EST
Hello canfmach,

I tested the site that is listed as your primary domain, but I may be looking at a different account from you, for example if you have multiple accounts, or addon domains.

If you can provide a domain name I can ensure I am testing the correct account.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
johnpaulb-whh2
12,339 Points
Staff
2013-07-22 7:23 pm EST
I only have one domain (canfieldmachine.com).

As far as I know, I never did anything to set up wordpress.
canfmach
30 Points

2013-07-22 7:46 pm EST
Hello canfmach,

Sorry about the confusion, but I was looking at the wrong account. I checked the FTP logs, and even the backups and was not able to locate any information regarding the default.htm file you are referring to. The logs only go back so far, and it may have been too many days since it was uploaded to check the logs still.

We put a default.htm file on new accounts or accounts that do not renew, but it is blue, instead of black and white. If this occurs again, I would recommend contacting Live Tech Support while the file is there, or right after you notice, so we can investigate further.

If you suspect something was compromised, I recommend rotating your AMP/cPanel/FTP passwords.

If you have any further questions, feel free to post them below.
Thank you,

-John-Paul
johnpaulb-whh2
12,339 Points
Staff
2013-07-23 12:01 am EST
Thank you very much for your help!
canfmach
30 Points

2013-07-23 5:39 pm EST
Want to share this Question?

Related Articles

It looks like there are no related articles.
Would you like to ask a question about this page? If so, click the button below!
Need More Help?

Help Center Search

Current Customers

Email: support@WebHostingHub.com Ticket: Submit a Support Ticket
Call: 877-595-4HUB (4482)
757-416-6627 (Intl.)
Chat: Click To Chat Now

Ask the Community

Get help with your questions from our community of like-minded hosting users and Web Hosting Hub Staff.

Not a Customer?

Get web hosting from a company that is here to help.
}