I have just started using CARP and .php websites which I uploaded to my web host and after two weeks my hosting account was attacked by a hacker through an insecure .php script. I'm not sure which is to blame as they both contain .php scripts. I had to delete the whole domain just to make sure I had removed all of the scripts deployed by the hacker. I have removed CARP from my web host also as I'm not really sure how to secure it so it can't happen again so if any one could help I would be grateful. The chmod permissions I set were those given on the install instructions.

The hacker used my hosting account to spam mail from for about 10 hours before my hosting provider informed me of spam complaints. I checked through my web space explorer and found all the index pages in one domain had been changed to the hackers page with a picture of some guy, Russian music playing and a message saying;

"Hacked crazy_fb & imparator"

"Nush ile Uslanmayani Etmeli Tekdir, Tekdir ile Uslanmayanin Hakki Hack'dir."

"I'm Coding My Love On Websites"

The scripts below were placed in some of me folders to send the spam mail;

/files/ekwe.php

/files/carprss.php

/files/cool.php

Ok, he hacked my domain to use as a mail server but there was no need to re-write my index pages was there!! There were other successful exploits found in other folders;

Script Variable

/files/carprss.php $CarpPath

/files/carprss.php $full_path_to_public_program,CarpPath

/files/redirect.php $file

/files/carprss.php $CarpPath

/files/redirect.php $file

/files/journal.php $m

/journal.php $m

Not even sure what they mean as I am quite new to .php websites and not really sure if it safe to upload the websites again which are on my hard drive on my PC. Other domains had HTML websites on and were not touched by the hacker. I did question the security of my web hosting provider, but yeah, it was my fault for uploading insecure .php scripts. But as I'm new to .php how do I know which ones are secure and which ones aren't?