Earlier this morning my site got hacked by someone who put up a new home page demanding a stop to the war in Israel.

Great…

So some quick looking around quickly showed that, by default, my hosting company had enabled WebDAV, a long with a dozen other things.  WTF.

So who is worse, me for not checking this stuff, or my hosting provider for turning this crap on by default.

I think they are worse.  Way worse.