Hello,
1.) Please use the latest version of WB (2.6.7) and the FCKEditor (2.81). All described issues from WB in the link from RedGnomos are only in earlier versions (see the dates are all befor 2007) and fixed in the actually version.
2.) All pages wich was hacked, was hacked on unsecure servers. To overwrite the config.php or the index.php can only be done from a hacker wich has full access to the server. This is not possible through WB. So please ask your hoster for the server logs. There you will see when and how the files are changed. I'm pretty shure you will not got this infos from your hoster as he will recognize in these logfiles that his server config is the real issue.
Matthias
Hi
So far...
They told me the folders which have 777 are not secure and that's why a shell script was uploaded on /media folder.
They deleted the script and told me to change folder permissions.
WB needs these folders to have 777 permissions right? or is there a setting more secure that lets WB work.
Maybe is just an unsecure configuration I have on the WB installation
I really doubt is a server problem, I've been with them for more than 5 years and they're good and respectable company.
Sites without WB weren't hacked.
On one of those sites I clicked to edit a page, then on "manage sections" and instead of showing me the right options it showed an interfase to execute a lot of things, from an "Emperor" company/hacker or something.
I'll check the post you mention.
But, if the permissions are the problem and WB needs those permissions..., we have a problem.
Salutes
Giorgio
WebsiteBaker Community Forum
