wtf. i am getting pretty fucking annoyed. i logged into my site today and was denied cpanel access. i reset the password (its a brand new hoster and i thought i just forgot my PW) and everything looked ok. i posted to my site and when i checked out the preview i had a blank page with a field to upload a file. i logged in via FTP and found that i had some modified files and extra files such as:
cpanel_cracker.php
nep.php
postleech.sql
postleechorg.sql (about a 500Mb file)
sql.php
symlink_sa.php
xmlrpc.php
they fucked up trying to lock me out and i fixed it easily enough but i am pissed and concerned about it happening again. my cpanel pass is 8 characters with a mix of #'s and punctuation but still got hacked and from looking at the files left over, it looks like that cracker uses brute force. is there a way to do a timeout on my cpanel login or would that not help? any ideas on how to stop this from happening again?
cpanel_cracker.php
nep.php
postleech.sql
postleechorg.sql (about a 500Mb file)
sql.php
symlink_sa.php
xmlrpc.php
they fucked up trying to lock me out and i fixed it easily enough but i am pissed and concerned about it happening again. my cpanel pass is 8 characters with a mix of #'s and punctuation but still got hacked and from looking at the files left over, it looks like that cracker uses brute force. is there a way to do a timeout on my cpanel login or would that not help? any ideas on how to stop this from happening again?