This regards a DIFFERENT site than the one I reported hacked earlier today. (After noticing one, I checked them all.) My host, Yahoo, tells me the fact that my site there was hacked three times in the same year proves I am being targeted as a "domain-specific attack." After the hacking in March, we upgraded to CMSMS 1.2.4 (I think; the fellow who helped me said we should strip out all reference to the version for security purposes.)
Yahoo says no upgrade will be strong enough. I will need to hire a PHP pro to go in and close any vulnerability to a script kiddie. Does this sound right to you guys, or do you think I can just do an upgrade?
3rd hacking. Am I being targeted? (solved)
-
terimurphy
- Forum Members
- Posts: 41
- Joined: Sat Nov 26, 2005 1:15 am
3rd hacking. Am I being targeted? (solved)
Last edited by terimurphy on Tue Oct 21, 2008 2:27 am, edited 1 time in total.
Re: 3rd hacking. Am I being targeted?
Most upgrades are done by PHP pro who tries to fixes bugs they find and prevent hacking. So yeah, upgrading right now is the best option unless you have money to hire someone but I highly doubt they would know all the ins and outs of CMS Made Simple like the developers who created them.
-
terimurphy
- Forum Members
- Posts: 41
- Joined: Sat Nov 26, 2005 1:15 am
Re: 3rd hacking. Am I being targeted? (solved)
Thank you for saving me some money.
Duh. Of course that makes sense!
Duh. Of course that makes sense!
-
Pierre M.
Re: 3rd hacking. Am I being targeted? (solved)
Your 1.2.4 has known vulnerabilities. This is why there is 1.4.1 today.
See http://forum.cmsmadesimple.org/index.ph ... 539.0.html
and http://wiki.cmsmadesimple.org/index.php ... mall_Guide
Pierre M.
See http://forum.cmsmadesimple.org/index.ph ... 539.0.html
and http://wiki.cmsmadesimple.org/index.php ... mall_Guide
Pierre M.
