|
Re: I need a help PLZ :every file named index has been injected ...
|
||||
|---|---|---|---|---|
|
Community Support Member
 
|
Your site has been hacked. This can be due to a security failure of XOOPS, on your PC or of your hosters server. Contact your hoster for the last case.
It is important to find out how the hacker managed to get access. Check out your logs. Delete the files on your site and replace them from a recent backup. Update your site to recent and stable versions. Inspect your database for sneaky data. Change all your passwords and check all the users that manage the site on all levels (MySQL, FTP XOOPS webmasters and privileged groups). Read the advices given in some threads about hacked sites (follow show all) and the security News. PS: Don't publish SPAM domains!
Posted on: 2009/1/11 22:27
|
|||
|
||||
|
Re: I need a help PLZ :every file named index has been injected ...
|
||||
|---|---|---|---|---|
|
Community Support Member
|
Hi,
on top of what ghia said you may post a list of used modules with versions and get some info on security treats and problems... clear the template cache and check webmaster group for new members...
Posted on: 2009/1/11 22:34
|
|||
|
||||
|
Re: I need a help PLZ :every file named index has been injected ...
|
||||
|---|---|---|---|---|
|
Module Developer
 
|
The exact same thing happened to me several months ago. The hacker managed to access and get a dump of my username and password list for the site. The password I was using to administer the site was the same password I used to access ftp.
I would suggest either looking at your server's ftp log or ask your host provider to look at the log. Even if you have to keep a hand written list of passwords I recommend never using the same password twice. And when it comes to beefing up security for the future you should follow the advice of folks like ghia. He was fantastic at helping me work through my issues.
Posted on: 2009/1/11 23:00
|
|||
|
||||
|
Re: I need a help PLZ :every file named index has been injected ...
|
||||
|---|---|---|---|---|
|
Moderator
 
|
Quote:
Even if you have to keep a hand written list of passwords I recommend never using the same password twice. Absolutely agree! And with tools like http://keepass.info/ that generate and keep passwords for you, there is really no excuse for not doing it. Quote: And when it comes to beefing up security for the future you should follow the advice of folks like ghia. He was fantastic at helping me work through my issues. Yep, Ghia is D'Man!!! As a community we're so lucky to have him!!!
Posted on: 2009/1/12 0:38
|
|||
|
||||
You can view topic.
You cannot start a new topic.
You cannot reply to posts.
You cannot edit your posts.
You cannot delete your posts.
You cannot add new polls.
You can vote in polls.
You cannot attach files to posts.
You cannot post without approval.
You cannot use topic type.
You cannot use HTML syntax.
You cannot use signature.
You cannot create PDF files.
You cannot get print page.
