My Blog is Hacked

Random stuff about serendipity. Discussion, Questions, Paraphernalia.
Post Reply
Fila
Regular
Posts: 34
Joined: Thu Oct 26, 2006 11:16 am

My Blog is Hacked

Post by Fila »

Hi there,
One of my blogs is hacked and they changed serendipity_config_local.inc.php and installed mass mailer software which kill my server.

I installed serendipity on that domain about 2 years ago and didn't upgrade at all. If I upgraded the script, will that problem exist? My host said hacker got into that thru serendipity cache dir.

Thanks
Fil
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: My Blog is Hacked

Post by garvinhicking »

Hi!

You should first upgrade, and after that immediately change all your passwords (FTP, SQL, Serendipity blog) - then you should be safe. In the current 1.3.1 stable version of serendipity there are no exploits known to us.

The cache dir is only affected when hackers have already write access to your server through other holes.

Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Post Reply