Okay.........
I run a website which is now getting enough traffic for me to worry about security. I know a pretty good bit about html and javascript but not enough to make my website "attractive" with out a wysiwyg editer so I use front page. With all of the new traffic I am getting I wonderd if anyone would want to hack my site and if so how they would do it. Goodled for frontpage exploits and found some interesting holes. Most didn't work on my sight but there was one that did and it worrys me a little.

Exploit:www.victim.com/_private/service.pwd or /_vti_pvt/service.pwd.

Does anyone know of a way to plug this hole. I looked on google but found nothing but the exploits themselves....... not ways to fix them. I thought about deleting the file from the server (I am by the way on a shared server not owned by me just so ya know) but I was afraid that I would not be able to publish or even worse wouldn't be able to access as admin to replace the file.

Does anyone know what would happen if I moved the file to a less known place?? Wouldn't that be the same a deleting since the path would be different. (I can't change the path for admin rights because it's not my server)

And what would happen if I just deleted it. Would I just not be able to publish or would I not be able to access admin on the server????

I sent an email to my wpp (web presence provider) but they said that they don't deal with security except on the server side, not for the web itself.

Last but not least..... When you type it in your browser you are prompted to download the file and so I did. I open the file in notepad. It is encrypted but I don't know how and I would paste it here except I am afraid of it being in "[email protected] /password" format. Not exactly info I want posted on this site. But if anyone knows what kind of encryption frontpage .pwd file is in and how much trouble it is to decrypt I would like to know. If it is just to much trouble to decrypt I won't worry about it as much but then it couln't be that much trouble....... this is microsoft we're talking about.

Note: I would use some other program such as dreamweaver but last time I checked it was like $900.00;.

Thanks in advance. (especialy you roswell...... so far you have answered every thread I have started so thanks x5 to you)