Webguide Home | Search
New York University

FAQs

My site got hacked. What do I do?

ITS uses many methods to protect the security of the web server, so it is unlikely that your site will be attacked. However, there are times when webmasters notice unexpected and unauthorized changes to their site.

The most common cause of these unexpected changes are incorrectly set UNIX permissions, which allow set your files or directories to be "world-writable". If you use a Secure FTP (SFTP) program to upload files to your page, or if you use an authoring program, it's a good idea to log in periodically to check that the permissions on files are correctly set.

The other common cause of changes is not closing out accounts of former webmasters. If someone is no longer an authorized webmaster, you need to notify ITS immediately, so that we can terminate their access to your site and transfer the necessary privileges to the correct person.


If you notice unexpected or unauthorized changes to your Web page, immediately notify:

To notify ITS that a webmaster has left the university, contact: