Here’s a concatenated screencap of the site:
Page 1:
Page 2:
And here are dig and whois returns: TESDA.txt
Well, securing the server is really supposed to be the job of the webhost (in this case, Bitstop Inc. or Ikoula judging from the whois records) and if this was on a shared hosting, oh boy, they’re in real big trouble with their other clients if they made some changes with the system files. Tsk tsk.
Important lesson from all of this: Do not use IIS.
Although I will not claim that Apache is bulletproof, I’m pretty sure it’s far more secure than IIS.
Edit: Tesda Women’s Center website is the one hosted at Bitstop.