Hi, My three servers have been hacked these days. One (big) line of code habe been added at the end of some files (index, etc.) by some one or something ... This is the code : It seems (???) that this is a ftp problem. As long as mi 3 servers have been configured with Ubuntu 8.04 LTS, fully updated, with ISPConfig 2 (last version 2.2.35), i do admit that i am a bit confused with that... Here is some more news about this : - http://seoforums.org/site-optimization/118-script-gnu-gpl-try-window-onload-function-var.html THE BIG QUESTION : HOW-TO secure more ftp ? Must i change the paswords for now ? At last, i must say that all of my servers are configured according to "Ubuntu Perfect Server" from howtoforge.org.