Hi,

In an older XOOPS install I have (which I do not really use much and have someone else administer) was hacked

http://www.indiegameresources.com/e107/

Before I go into fixing it (or have someone as I am not much of a developer) can anyone let me know if this has happened to them... and point me in the right direction to fixing it.

Also, I am about to launch a new XOOPS site (curent build) - so I am a little worried about this happening again - if anyone know about this hack, could you let me know if the current build is better protected.

Thank you in advance for your help.

Since you don't tell us exactly what the 'older' build was let us just advise you that each and every version of XOOPS up to the 2.0.14 rc1 have built on improving XOOPS security. However, no system is inpenetrable...so you always need to adopt best practices in building and maintaining a site which includes making sure your CHMOD (read write access) is correct, and you only give webmaster permissions to very truted people.



I clicked your site link and can't help you there at all..for me to look at it I require downloaded pluggins which i wasn't prepared to do. Your post does not really make it clear for me at least what hack it is that you are referring to.

Check this FAQ and go to the FAQ section on 'Upgrades, security and backups' for more information about security. HTH

We over at Code-plus had something like this a few months ago, we have GiJoes Protector Module installed and we where saved.

I would suggest that you install this module asap and this should help protect you from this script kiddie hack in future.

ATB

Catz