Earlier this morning my site got hacked by someone who put up a new home page demanding a stop to the war in Israel.
So some quick looking around quickly showed that, by default, my hosting company had enabled WebDAV, a long with a dozen other things. WTF.
So who is worse, me for not checking this stuff, or my hosting provider for turning this crap on by default.
I think they are worse. Way worse.