Kryptronic Software Support Forum

Hello,

Unfortunately there is too little information for us to start with.  We can consider all sorts of things but none of these are going to be helpful to you unless we get more information.

It's in everyone's best interests to find out, so we can all patch ourselves if nescessary.

I'm not sure what the pro-install consists of, but perhaps it was a simple thing like htaccess rules or other software installed on the server that gives directory access.  It's even possible that someone simply gained access by FTP or shell account.

Your webhost should be able to supply you with access logs.  Your ISP aren't going to be extremely helpful in this case.  Popular opensource programs such as Webalizer and Awstats are configured on all good servers. (send me a private msg if you are in the market for a very good webhost and need a recommended referral)

These logs can determine the date and time of abuse, logging the ip address, protocol and port numbers of the offender.  Once you have _this_ information, then you proceed through your ISP.  However realistically it's not a too greater offense IMHO to spark that kind of response from authorities.
 

Any changes to your root index.html/default.html pages would have had to been made via FTP or a hack via the web based on exploiting your server's security.  I've seen this happen quite a bit on Microsoft IIS servers where by default anonymous FTP is turned on.

CCP can not be the source of the break in as it does not have access to anything outside it's own directory structure.