1
timely thread ... I've been hacked twice in the last two weeks as well (after years of running xoops)
Found this thread after figuring out from the server logs that in the most recent attack that they had used the spaw editor embedded in xt_conteudo to insert a new home page.
I've deleted the spaw editor but have left xt_conteudo installed with no wysiwyg editing since I have a fair amount of content under it ... anyone know whether there are any other holes in it? (I have protector installed as well)
also with regard to phpsuexec ... I have also chmod 755 on all the folders that were previously writable and the site seems to be working so that suggestion appears to be a good idea as well :)
Thanks for all the tips!
Dave
Found this thread after figuring out from the server logs that in the most recent attack that they had used the spaw editor embedded in xt_conteudo to insert a new home page.
I've deleted the spaw editor but have left xt_conteudo installed with no wysiwyg editing since I have a fair amount of content under it ... anyone know whether there are any other holes in it? (I have protector installed as well)
also with regard to phpsuexec ... I have also chmod 755 on all the folders that were previously writable and the site seems to be working so that suggestion appears to be a good idea as well :)
Thanks for all the tips!
Dave
