Good day, We had a few sites on php with 0777 permissions defaced with an religious extremist message . On further investigating, we discovered that the hack must have been achieved via the server /temp folder because in the temp folder there we numerous suspicious files added around the time of the hack. I have deleted the hacked file, and restored. Now I want to know how to best avoid this in future? Also how do I troubleshoot to narrow down on the hack?