Site Hacked?

My site is: http://www.chinamash.com

I have a slightly modified default/sterile theme going there. When I viewed the site today there was a link at the bottom that I had not installed myself. It was a link to a weird website with a bunch of random words. When I looked at the index.php file there was clearly script code injected at the bottom of the file. Deleting it got rid of it.

Has my site been corrupted? How did the hacker inject that script code? What can I do to make sure that doesn't happen again? Thanks.

Comments

  • acrylian Administrator, Developer
    Sounds like that. It is also possible that the server itself and not Zenphoto specifially was hacked if you did not set the right file/folder permissions. Please see the troubleshooting guide about that. Best you also contact your host about that, too.

    Also a good occasion to update to 1.2.6 btw...;)
  • OK, thanks. The permissions for the .php file that was hacked was 644...so I'm still not sure how they got in there (I have comments disabled as well, etc.).

    I'll contact my host and upgrade to 1.2.6.

    Thanks
  • acrylian Administrator, Developer
    Please keep us posted about news.
Sign In or Register to comment.