CMSMS Hacked again...

[Sy]

I've been using CMSMS for a while now and no problems until about a month ago when a site I did in CMSMS got hacked.  The hacker somehow appended a lot of HTML to the end of include.php, no idea how they did it, it was an older version of CMSMS, so I posted in here and was told to upgrade which I did to 1.3, today the site was hacked again in exactly the same way, lots of links to viagra sites at the end of the include.php file.

I've checked the file permissions and they are correct, I've also changed the FTP password, downloading 1.3.1 now, is this a known problem ?

[cyberman]

Please check the logfiles ...

[Sy]

Sorry, which log files?

[LC350]

Since this would appear to be either an ongoing issue with cmsms, or your host, and since it would be helpful to start establishing a possible pattern, can you say who is your hosting provider?

[Nullig]

If it's the one in his sig, it looks like a godaddy site.

[Sy]

Yes, its http://www.eska.co.uk and yes it is hosted by http://www.godaddy.com, however I have several other sites also hosted by godaddy.com and these are not based on CMSMS and have been up longer, but have never been hacked.

[cyberman]

it was an older version of CMSMS, so I posted in here and was told to upgrade which I did to 1.3, today the site was hacked again in exactly the same way, lots of links to viagra sites at the end of the include.php file.

Have you cleaned your old install before?

In current hacks there are many files uploaded (sometimes). If these files are online hackers have no problem to get access.

Have you realized all of security help?

http://wiki.cmsmadesimple.org/index.php ... mall_Guide

[Sy]

Thank you, I will go through the document.