Information for owners of hacked websites:
You just found out that spammers have hacked your website. They have posted pages advertising illegal crap. They may be reading your emails. Ick!
What do you do?
It's not as easy as removing the unauthorized files. You have to find out HOW they got there in the first place, so you can stop them from being re-posted.
In order to post on your website, the spammers need a username with authority to post, and a password for that username.
Most hacking is done by robots with lots of time on their hands but no imagination. They are looking for low-hanging fruit. They will try common usernames with lots of passwords, or they will try common passwords with lots of usernames. Best to have your usernames and passwords be uncommon.
Is your username obvious? Obvious ones are things like "administrator," "admin," or "root." Your domain name is also an obvious one. Best to have something else if your web host/software allows it.
Is your password common? Many people use common passwords thinking that no one has any reason to want to hack their site. But the spammers don't want to hack your site in particular. Any site will do, and they'll find the low-hanging fruit.
There are many sites with lists of common passwords; here is one: https://xato.net/passwords/more-top-worst-passwords/
Also avoid any password that is the same as your username or the same as the name of the site you are logging into.
Are you using the default file structure? Many users build their sites on standard software like WordPress. That means a spammer can program his robot to go straight to the default login screen URL, without ever having to view the site manually. There are WordPress add-ons like "Change Database Prefix" that rename those URLs. The spammer can go to your site and find out what the new names are, but if they're looking for the sites most likely to have obvious passwords, why would they?
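Robots that guess passwords at the default login URL leave a trace in the web server's access log, which helps answer HOW they got in. The script below is an added example, not part of the original page. It assumes an Apache/nginx "combined" format log, WordPress's usual behaviour of answering a failed login with status 200 and a successful one with a 302 redirect, and a threshold of 5 failures; the log lines are constructed samples.

```python
import re
from collections import defaultdict

# Combined log format: client IP, timestamp, request line, status code.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')
LOGIN_PATH = "/wp-login.php"  # WordPress default login URL
MIN_FAILURES = 5              # assumed threshold; tune it for your site

def audit_logins(lines, min_failures=MIN_FAILURES):
    """Return {ip: stats} for clients with at least min_failures failed
    login POSTs; stats also records a success that followed the failures."""
    stats = defaultdict(lambda: {"failures": 0, "success_after_failures": False})
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, _timestamp, method, url, status = m.groups()
        if method != "POST" or url.split("?", 1)[0] != LOGIN_PATH:
            continue
        entry = stats[ip]
        if status == "200":    # assumption: login form shown again = failure
            entry["failures"] += 1
        elif status == "302" and entry["failures"] >= min_failures:
            entry["success_after_failures"] = True  # a guess finally worked
    return {ip: s for ip, s in stats.items() if s["failures"] >= min_failures}

# Constructed sample log (documentation IP ranges, not from a real site).
TAIL = '"POST /wp-login.php HTTP/1.1" %s 3120 "-" "-"'
SAMPLE_LOG = [
    "203.0.113.7 - - [10/Mar/2015:03:14:%02d +0000] " % i + TAIL % "200"
    for i in range(6)
] + [
    "203.0.113.7 - - [10/Mar/2015:03:14:07 +0000] " + TAIL % "302",
    # The site owner mistypes once, then logs in: below the threshold.
    "198.51.100.20 - - [10/Mar/2015:09:00:00 +0000] " + TAIL % "200",
    "198.51.100.20 - - [10/Mar/2015:09:00:09 +0000] " + TAIL % "302",
    '198.51.100.20 - - [10/Mar/2015:09:01:00 +0000] "GET / HTTP/1.1" 200 512 "-" "-"',
]

if __name__ == "__main__":
    for ip, s in audit_logins(SAMPLE_LOG).items():
        verdict = "LOGGED IN after guessing" if s["success_after_failures"] else "guessing"
        print(ip, s["failures"], "failed logins:", verdict)
```

An address reported as having logged in after guessing means that account's password was found by trial and must be changed; a successful login with no failures before it points instead to a reused or stolen password.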
Are you using the same username/password on multiple sites? Sites get compromised all the time. The spammers then use the usernames from those sites to try to log in other places.
And very important: Which computers have been used to access the site to upload files? This means every computer used by every user. If any one of them is infected with malware (malicious software), it could be harvesting usernames/passwords, or it could even be uploading the spammy files itself. Those computers are all suspect.
To avoid providing your new passwords to spammers, consider accessing your site with a Live CD. A Live CD is a read-only CD that has a different operating system on it. You boot your computer while pressing "escape" or "F8" or "F12" or whatever the key on your computer is to control the boot sequence. When a black screen comes up to ask you what you want to use to boot, you change it from the hard disc to the CD, then continue booting. Malware has to be designed to work on a particular operating system, so if your computer has malware on it, boot with a different operating system and the malware won't launch.
One choice for a Live CD is Ubuntu. It is based on Unix/Linux. It is fairly user-friendly, and it has Firefox included in the package. Remember to write down your current username/password and the URL for your website's login before you boot up, because your computer won't be running its usual operating system to get your bookmarks. Once you boot in Ubuntu, you can launch Firefox and access the internet relatively normally. (Some Firefox add-ons may not be available for Ubuntu.)
Ubuntu is free and can be downloaded from http://www.ubuntu.com/download/desktop