Preventing defacements

A hacker group called Mirror Team has defaced my school's index page twice in the last six months. We have a php-nuke site in a subdirectory, and they have apparently been able to reach the index.html in the root directory through the nuke side of things. The nuke site is secured with two add-ons, so they were unable to hack it.

Aside from setting the index.html permissions to 444, is there a way to secure my regular site? We are hosted on a Solaris server, using Solaris' web server (not Apache).

Or, if that isn't possible, is there a way to notify me whenever someone writes to our space on the server or changes the index page? I usually don't hear about the defacements for a few days, since our users assume I am omniscient.

Thanks.
John Wheaton
admin, www [dot] stfrancishighschool [dot]com

 

 

 

 

Top