How I Got Hacked, or why I am using static HTML now.
My site got hacked a little while back. I took it offline by copying the whole public_html directory into a hidden directory. I had been running wordpress before but the new site is static html.
I did, however have a part that used PHP and started looking into getting it running again. I discovered there were a couple media files (.mp3 and .mp4) which were, in fact, not media but were obfuscated PHP. I determined this by running "file TYQQ.mp3". These were part of the hacker's toolkit. There was no reason why I would have had any media files there. In the case of this little app I wrote, there are only a half dozen files. If it as more complicated like wordpress, for instance, it could be really difficult to find and remove them and it makes sense why some might pay a bunch of money to someone like hostgator to police this stuff.
Of course I removed them.
Since my main site is now a static HTML site, I made a change to .htaccess to make it so PHP doesn't get interpreted. By other little app uses php so I needed a .htaccess file. I also set up a cron job to look for and remove the files that were affected.