If you visit your website and get a virus warning or see a page, which you have not uploaded, then your website has probably been compromised by a third party.
There are two techniques, we would like to discuss at this point.

"Defacing" is a term used by hackers describing the process of replacing the victim's page with another one. This new page usually contains a short, incomprehensible text and greetings to members of that particular hacker group.
"Defacing" in its essence is similar to digital graffiti and can be politically motivated or go against the contents of the original site.

With "Defacing" the original index.html is replaced by a new page. The former page is not necessarily deleted but renamed to index.001. Non-commercial websites rarely fall victim to this attack, because the hackers intent to increase their reputation amongst their peers.

Another technique is called "Hijacking". With "Hijacking" another page containing malicious software and viruses is loaded in the background.
This often becomes obvious when a virus scanner shows a warning and requires user action. Due to the vast amount of dangerous viruses, prudence is essential. Trojan horses can turn your computer into a zombie and aid the botnet owners in future attacks.

"Hijacking" does not necessarily mean that your website is replaced by another website. More code is usually added to your index.html. This code loads the malicious software in an IFRAME in the background. The purpose of this alteration is to mass-distribute viruses/trojans/worms, hence the reason "Hijacking" is used primarily on privat websites, since gaining access to those requires a lot less effort than commercial websites.


Both techniques make use of known and unknown security vulnerabilities and insecure passwords to gain control over your website.
The vast amount of attacks are successful due to insecure FTP passwords or "PHP-injections", where code is inserted into the PHP script .

Please heed the following security tips, to keep the risk of an successfull attack as low as possible:

• Only use passwords which cannot be found in any dictionary
• Use lower and upper case characters, i.e. x9MD3d8IwA
• The password length should be at least 5 characters (better: 12 characters)
• Change your password in frequent intervals
• Never save your password in a text file on your computer, put in a save place (safe, lockbox)
• If you want quick access to all your passwords, use a digital password safe like the Open-Source program
  KeePass, which can even generate passwords using a very complex algorithm
• Never share your passwords with anyone
• Always use the most recent PHP version. Contemplate every change to the PHP.ini!
• Activate the STRATO SiteGuard, which prevents scripts from accessing the FTP/SSH
  (can be found in your customer service area under "Settings" "SiteGuard"

General security tips:

• Install an anti-virus program and a firewall
• regularly update your operating system and internet browser (i.e. Firefox)
• Use common sense when entering sensitive data

If your website has been hacked, you can use STRATO BackupControl to transfer an older backup
back onto your webspace.

To connect to STRATO BackupControl with an FTP program, use the following information:
Server: backup.strato.de
Username: YourDomain.co.uk
Password: Your Masterpassword

STRATO BackupControl is not available in all packages. Please check http://www.strato-hosting.co.uk for information, whether your package contains this feature.