21
Quote:
ladysham wrote:
I was hacked also. Didn't really see anything until I went and looked at the blocks. The hacker was able to insert a custom block into my XOOPS with a redirect to his website.
For the moment, I've shut down my website to see what I want to do.
Whilst my site wasn't hacked, they were trying to run a script from another site, fortunately the web server security was tight enough to send them a '403' (forbidden).
They did manage to pass some SQL code though, and I tried it myself, after finding out what it did. To my surprise I could see the username and password, although the password was encrypted.
The sites that were hacked, possibly don't have 'strong" passwords ???
I may take a look at the login file, user.php, and see if it is 'easy' to restrict access the my IP address
only, that way no one else would be able to login.
Peter
NO to the Microsoft Office format as an ISO standard. Sign the
petition
