12
Hi my XOOPS version is: 2.0.16
Apache/1.3.33 (Unix)
PHP/4.4.7
Deleting the files within cache and template_c folders worked. I had to set up the XOOPS Protector Module Trust Path again in mainfile.php - but once that was done I was able to get back into admin. I have overwritten the hacked pda.php file. I am about to change the admin password.
I have looked at the protector module and it makes the following suggestions (PLEASE ADMIN DELETE THE FOLLOWING IF YOU THINK IT CONSTITUTES AN OPEN INVITATION)
'register_globals' : on Not secure
This setting invites a variety of injecting attacks.
If you can put .htaccess, edit or create...
/homepages/8/d162068134/htdocs/the-weald/cms/.htaccess
php_flag register_globals off
'allow_url_fopen' : on Not secure
This setting allows attackers to execute arbitrary scripts on remote servers.
Only administrator can change this option.
If you are an admin, edit php.ini or httpd.conf.
Sample of httpd.conf:
php_admin_flag allow_url_fopen off
Else, claim it to your administrators.
'session.use_trans_sid' : off ok
'XOOPS_DB_PREFIX' : XOOPS Not secure
This setting invites 'SQL Injections'.
Don't forget turning 'Force sanitizing *' on in this module's preferences.
Go to prefix manager
'mainfile.php' : missing precheck Not secure
You should edit your mainfile.php like written in README.
I am using 1&1 shared hosting and don't think I can create/edit the .htaccess file, but have written to them explaining that my site was compromised and asking their assistance with editing these files.
Many thanks for the input, now back to it's earlier state, but I want to lock it down tighter now.
