Hi All ...
One of my friends asked me to check his server because a page of his website was modified and someone putted a trojan dl link ..
after checking logs I found out that hacker simply logged with ftp ..
first I thought that was a brute force but ftp password was strong enough! ( like this : #G}C*1dzSg?U )
I changed the pass and tried to login with new pass and everything was ok but when I tried with the old pass I was able to login too !
I was able to login with empty or even any word to the ftp But I had to know the real username .. this methods is working in all accounts :\
as I am not familiar with plesk I didn't find the issue ..
temporary I limited the ftp to certain ips ( as its not a hosting server we don't have problem with this )
can anybody help me to resolve this problem ?
Thanks
One of my friends asked me to check his server because a page of his website was modified and someone putted a trojan dl link ..
after checking logs I found out that hacker simply logged with ftp ..
first I thought that was a brute force but ftp password was strong enough! ( like this : #G}C*1dzSg?U )
I changed the pass and tried to login with new pass and everything was ok but when I tried with the old pass I was able to login too !
I was able to login with empty or even any word to the ftp But I had to know the real username .. this methods is working in all accounts :\
as I am not familiar with plesk I didn't find the issue ..
temporary I limited the ftp to certain ips ( as its not a hosting server we don't have problem with this )
can anybody help me to resolve this problem ?
Thanks