Hello,

Just for clarification on the previous point, do we delete the java postlet or is it ok sat in there please? It looks like the associated php files have been "nuked" to delete their content during the "diff" overwrite - does this effectively render the java postlet safe?

Thanks
Dave

If you want a more secure install I suggest - delete it.

To make it more simple for CMSMS users, I would suggest scheduling daily, weekly, and/or monthly back-ups with your web hosts - depending on how frequently you update your site's content.

I automatically back-up all of my sites daily to a shared hosting account, for example. This way, if a hacker does get in, you can simple restore it back to the last back-up file you have, and then change the database name, username, and password then update the config file and not have to go through all of the trouble that calguy listed.

Though...if you aren't making back-ups etc, you will have to follow calguy's steps.

_________________
EGS provides MMORPG services for WoW, FFXI, FFXIV, AION, Warhammer Online, Age of Conan, RuneScape, Guild Wars, Maple Story, Cabal Online, as well as most other free-to-play MMORPGs.

Our site is *proudly* powered by CMS Made Simple.

CMS Made Simple isn't just simply, it's ridiculously powerful, and suitable for virtually any site and niche. It easily allows us to maintain our site in which receives about 5,000 unique visitors per day.

The crackers' script isn't interesting : what is very interesting is the http logS of its attack. Knowing the attack makes it possible to strengthem hardening the filtering rules in the "small security guide".

Pierre M.

_________________
-- Pierre, support team member. comodérateur du forum francophone.
Please read "how to submit installation/support requests" before posting. Don't send private messages to ask for support.
Want to contribute to CMSms ? Improve the wiki with your forum account.