For the second time ALL my sites have been hacked despite having a 17 alphanumeric, capsital and small letters as wel as other characters as a password.

The sites are also activated with google (with their personal signature system)

This is the infectation, found in front of every HTM and HTML page:


I added - - - to prevent problems here. DO NOT CORRECT AND CLICK (to the readers of this)

So my question is how can anyone be able to access my account and add anything if dreamhost is secure???

I am really not happy.

What kind of website are you working with? Like, is it Wordpress, hand written, etc? If a software platform, which version and plugins are you using?

Thank you for answering…

I am not working with worpress (that was never hacked) It is the regular web sites that I upload with FTP or equivalent.

In theory I should be the only one who has access to anything there (to upload) since they are straight HTML.

Just to clarify your comment ‘wordpress (that was never hacked)’…

So do you have any wordpress installations in the same user? Or are all of your sites pure HTML? It’s important to know what, exactly, exists in that user account because even if you have only one site that uses PHP or some other language, a vulnerability in that script can open up all sites in that user to potential hacking, even if they are HTML only.

I do have one site that uses Wordpress. Are you suggesting that is where the flaw it???

one insecure script in php can be exploited to access every file in your home directory. that’s why you should put each site under a unique user.

Ok, I am in the process of isolating that site

you can do it relatively easily with the panel. just create a new user then edit the hosting settings to the new user. DH will offer to transfer all your files over

the trick is remembering all the usernames and passwords when you do this, but at least it contains exploits to one site…

Also you said all other sites you use FTP, I recommened you starts using SFTP which is encrypted and ofcourse change your FTP password, since that also could have been comprimised.

good point, i didn’t notice that. ftp and telnet should never be used