Recent Hack Attacks

gjr

With the recent vulnerability and massive attacks on Zenphoto installations, I wonder how all these zenphoto sites were found by the hackers. I suspect maybe the last comment line in the root index.php which states the version, plugin, and template info? If so, do think this and other zenphoto identification marks should be removed as to not be able to search for zenphoto sites? Just a thought...

darkufo

I was wondering the same.

Is there some sort of search these hackers can do to find "us"

acrylian

gjr. Yes, we probably can or should do that. But these info actually helps us a lot to support as people tend to forget/miss to post the basic info like Zenphoto version.