cancel
Showing results for 
Search instead for 
Did you mean: 
Go to solution
New

Help me understand how a malicious file can get uploaded

Linux server, tight password, no other user access. How do hackers get access to put malicious files on my site?

Fortunately I recognized a file date that wasn't one of my uploads. Didn't get flagged so I guess no harm done but where is the crack they get through? 

1 REPLY 1
Super User III Super User III
Super User III
Solution

Re: Help me understand how a malicious file can get uploaded

Some possibilities are malware on a computer used to manage the site, vulnerabilities in FTP and/or scripting on the site.

 

It is a good idea to only FTP over SSH, and don't save the password in your FTP client.

https://www.godaddy.com/help/enable-ssh-16102?

 

Make sure any software you use is up-to-date.  They offer a free malware checker, but an upgraded plan is needed for more indepth scans and malware removal.

https://www.godaddy.com/offers/sitecheck