how to prevent this hack?

[questions]

All of my users were disabled by admin. Someone logged in to DA from another hosting companies IP according to the DA log files.

Then the account disabled warning html page was changed to the hacker warning.

It was easy to fix, but how did it happen and how to prevent?

 

[zEitEr]

Limit it to your IP

http://help.directadmin.com/item.php?id=349

Disable creation of admin accounts

http://help.directadmin.com/item.php?id=350

And/or use keys

http://www.directadmin.com/features.php?id=1298

 

[zEitEr]

And of course you should analyze how your server was compromised and make it secure again, or re-install OS, if it's deeply hacked.