recently I had an issue with my site - someone managed to modify my .js file and injected a malicious code there. I have no idea how :(. I was just wondering how to prevent it from happening. i cleaned the file and changed my password but I am feeling that is not enough.
Do you monitor your files for changes (cron script), do you use any monitoring software? The worst thing is detecting that not early enough. That really can shutdown your business
[FONT=Verdana]As I mentioned in your other thread, setting all file permissions to read-only is a good start.
Iโve used CrawlProtect to help block attacks. It also records problem IP addresses, so you can choose to block them completely - and it makes it easy to see which files have been modified and to change the file permissions when necessary.[/FONT]