Many of you already heard about http://www.defacers-challenge.com/ and hacker competition they announced.

To the moment we finished with the security audit of our servers and upgraded software that could be insecure (kernels, ssh, cpanel), etc. We also installed firewalls on all our servers to protect them.
The goal of the attackers will be to change first page of the site. Though we finished with our security checklist the easiest way for them will be not to hack a server in whole but to hack scripts on a single sites.
Also it may turn thta defacers may prepare in advance and already get access to the particular site just waiting for the hacker contest to start and chamge index page of your site.

That's why we recommend our users to:
1. Review scripts that are installed on your site, especially those with upload functionality. Hackers may use your script upload feature to upload a script that will replace index page of the site. Ensure that uploaded files cannot be run as php/cgi scripts, etc from the web and that your upload folder and uploaded foldrs have correct access rights.

2. Change all passwords for the control panel and ftp/ssh.


I think we are well prepared and attack won't heat us, but we ask our users to check their scripts to ensure that single sites are also safe.