Forgot to delete setup.php and someone used it to change zp-config.php

ferentz

I saw that the english translation of my site (zp 1.3.0) wasn't working at all. When I checked in zp-cofig.php I saw that some dude changed it with his data two days ago. My only guess is that he picked me up from showcase and tried to acces my setup.php. Fortunately for him I've forgot to delete it. I conclude that because at first glance I don't see other harm done. What I would like to know is that if the setup page has been opened was my previous configuration displayed for him ? I'm worried about my password. Btw how was he able to override the htacces rules?

P.S. There's a bot that keeps visiting one of my albums. First time it visited my site it left over 60 spam comms. I enabled CAPTCHA but it still keeps visiting the album (currently 6251 visits while the other albums have at most 100 visits). How can I block track the IP and block it ?

acrylian

First you need to find out how he got in. That could have happened via the server itself because of file/folder permissions or via FTP or else as well (or in combination). You should contact your host as well.

Setup actually requires your password/username data to change anything. Did he change the database data? In any case you should of course now change your password immediatly to be on the secure side.

What Zenphoto version do you use?

acrylian

Tracking IP and blocking completly from is nothing Zenphoto can do. That has to be done on your server, you should have some statistics there. Probably it can be blocked via htaccess for example. As said I suggest to contact your host as well.

ferentz

Zp 1.3.0 is my current version. I'll change all my passwords afap. Allready deleted the setup file by the time I wrote the first post. I'll be contacting the host to see their advice. Thanks for your help.

P.S. Databases seem intact. I'll be digging deeper to find anything broken.

acrylian

You really should upgrade to 1.3.1.2 as the 1.3.1.x releases were security bugfix releases mainly.