7
If you really want to change _where_ mainfile.php resides, there are no less than 28 files to change, .... really a total waste of time. :)
All I do is CMOD it to 444, and the MySQL connection is localhost, and as someone else pointed out, there can be no 'external' (direct) connection made when it is setup like that. Of course a fair bit might depend on the technical expertise of who is looking after the server, and how 'tight' security is, the one I use has only had one hack, a user abused the shell/SSH privs, so now SSH is not available.
There could be many reasons for the db being 'hacked' or whatever happened, possible sql injection attacks, or a person was able to login (never disclose the 'webmaster' login and use some very cryptic password, not one that is easy to guess). Your web server logs will of course show you of any logins, or where sql code was being attempted to be used in some manner.
P
NO to the Microsoft Office format as an ISO standard. Sign the
petition
