Hi, when I open my site this moring it display a message that my account was hacked. I was upset and looked around to see what went wrong. I am still not too sure, but seems every thing is still in place. All of my files and password as far as I know are not touched. The only file I think got changed is index.html. It got replaced with hacker's signature. My hosting company told me the permission set on files and folders are not safe. I setup those permission according to the manual. I noticed index.html has write permission for all groups. Gossamer links set it automatically everyone I run build. So what should I do?

Apparently I think it's called mass defacements. Here is more info on the hack http://www.zone-h.org/..._defacer=Mosavi1986/

You could CHMOD your index file to 644 as it is default set to 666. Don't know what implications this would have on the file. I build static pages so can't see the problem with doing this.

Links Admin / Setup / Build Options - at the bottom:

Cool! I build static pages like you do. Now I feel a little safer now.... I knew 666 can't be a lucky number.

The default permissions are very relaxed as more restrictive permissions can cause problems for certain webserver set ups. If you always build from the web, using more restrictive permissions will probably be okay. However, they probably won't help much since any intruders will be able to write to the file anyways. This is because they most likely will get access to your files through an unsecured script or vulnerability and get access through the script, which has the same permissions as GLinks does. That said, it's always nice to have permissions a little tighter.

Adrian