Hi everyone,
As I said, it's my third time my site gets hacked BUT it is not necessarily ZP who should be blamed :
My www contains a wordpress CMS and a subdirectory with a zp in it. I must admit that my zp has been forgotten for a while without any upgrade (so I am the one who should be blamed first !)
Here is my question :
The index.php at the root has been corrupted (not it the zp directory IN THE ROOT.)
This has been added :
`<?php /*68066*/ error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('display_errors','Off');
@eval( base64_decode('...'));/*68066*/ ?><?php`
Do you think that the security breech can still come from zp ?
I wish it could for I have upgraded and protected the wordpress part of my site, and if the breech is still there ... i am helpless ...
Thanks for any clue or advice !
Zenphoto
Comments
So it might have been the WP install or even the server itself. You should also contact your host about that. They might have more tools to tell how that might have happened.
I did remove part of your code so it does not hurt us here.
First I had removed most of the 64_coded c***p in the sample I provided.
The upgrade is done.
... for the rest ... I will inquire ...
Bye,
n
Any link where it is explained ?
Thanks
The database credentials for Zenphoto are within the config file within /zp-data.
(for this last answer and for the rest !)