I have some clients running outdated php scripts. They have many bugs. Last week a website got hacked. The attacker uploaded a PHP shell and made a deface. I've personally uploaded a php shell and guess what, I can access even the root directory! What can I do? I've discovered spam sending scripts and bank scam pages on one of my personal websites. God knows what else could be affected. Please tell me what's wrong! I've installed ISPConfig on a virtual server. I have the same problem! Everything went normal with the installation!