This may be what happened:
Quote:
What likely happened in sequence:
You posted your tool publicly with the PHP proxy URLs [to download DEMs] visible in the HTML source
A bot (not even a human — these are fully automated) scanned your domain within hours or days of it appearing publicly
It found live PHP files, probed for vulnerabilities, and attempted to drop a malicious .htaccess file to either redirect traffic, enable further PHP execution, or establish a foothold
That file may have been what was causing your slowness — malicious .htaccess files often add processing overhead to every single request on the server
|
Funnily enough, my OCD on insisting on handwritten HTML and no content management system for my website; may have caused this attack to splatter because there was nothing for it to hyjack.
I'm currently rethinking how to approach this to avoid server vulns.