so my website gets continuously hacked.
I’ve reinstalled magento and from now on I use sFTP, I don’t store the password in the ftp client.
What else can I do to prevent attacks.
If you read my other threads here: http://www.magentocommerce.com/boards/viewthread/65897/ and here: http://www.magentocommerce.com/boards/viewthread/59441/
you’ll know the hackers insert text and damage my site, the 3rd attack was the worse, they inserted it everywhere!
so how do I prevent these thugs from doing this again. I don’t even understand why or how they do this? why my site!
I have a couple of questions:
1) what should the permissions be for the root folder of magento?
when you install magento it has to be 777, but what do i change it to then? and what “key files” have what permissions.
2) would an ssl certificate help in anyway, and what should I get for under $100/year
3) what are all the possible ways they could have agained access to my site? i don’t have any viruses on my computer, as I did a scan several times of my PC and my website and nothing was found.
THANK YOU SO MUCH!