Is there a way to determine who hacked a website?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

startupdev

Thread Starter
Joined
Jun 27, 2019
Messages
1
I have a client that was recently sent an expensive proposal by a developer to ensure their site was secure as the developer assured the client that their site was not secure and could be hacked at any time.

Side note: I've run a google test and it is secure.

Shortly after my client received the proposal they had an attempt made to hack their site where about 100 bogus forms from the site were submitted at the same time. The developer that proposed the expensive encryption proposal then fixed the issue that caused the hack.

After that issue, the following business day, the administrator for the client was not able to access their own admin site. The developer said that they locked things down too tight and then had to go in to the .htcaccess file in the root folders and delete the files in the folder (more billable hours).

The very next day after the developer deleted the files from the root folders to loosen the security, the site was immediately hacked again.

I've been in tech for 15 years and my gut instinct is that this particular developer is creating the hacking issue to force the client to agree to their expensive security proposal. Is there any way to determine if this is what has been going on and who has been attempting to hack the site?
THANK YOU!!!
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,100
Sorry but we don't assist with trying to identify individuals but we can leave this open to discuss how to secure your site. I'll move it to the proper forum.
 
Joined
Jun 28, 2019
Messages
2
How can I see where this post was moved to? This one:
"Is there a way to determine who hacked a website?"
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,100
You have posted in the thread so you have found it. Since it involves a web site the Virus & Other Malware Removal forum is not the correct one as that is for individuals. There would have been a redirect left for 24 hours and you would have received an alert regarding the move with a link to the new location unless you have alerts turned off.
 

cwwozniak

Chuck
Trusted Advisor
Spam Fighter
Joined
Nov 28, 2005
Messages
65,696
A hacker could easily go through one or more proxy servers to attack your client's server and hide their actual IP address from any logging by the server.

Has your client independently verified any credentials of this current developer that they are a trusted consultant for website security? The last thing they need is to give a hacker full access to their server while believing they are being helped to secure the site.
 
Joined
Sep 21, 2007
Messages
12,126
I would let that developer go - because he didn't do test to ensure everything works as it should after a change. He should have found that the admin can't access the site.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top