is any one else having issues with http://www.hack-labs.org/
removing and adding bits to wp-mu
any ideas on how to tighten up the security?
http://www.stuffabout.me.uk/hacked.html
is what they left i have moved it and renamed it but that is how i found it
Richard
How do you know they got in via MU? I'd be very interested in finding out how.
i can't find any trace of ssh ftp (and id rather use IE then telnet) attempt
and the only thing i can find is the user:group is set to the apache user:group
like when wpmu makes the blogs/ dir
that perticular group have been harrasing my for some time.
due to when i had the site running one user made a post about the reglious beliefs that this group seem to follow
the account was removed but it hasn't stopped the harrasment
hence i no longer host the site my self and leave to the a webhost
Could it be that you left the 777 permissions that the installer requested in place leaving your http home writable by all users on the shared host?
The hacked.html file, was that placed in the root dir as index.html? Were your other files removed or just that one added?
im not fussed about it. the site was due for a despaming just wanted to know if it was just me or are others getting abuse from them :)
as far as i know all permisons set correctly and the page they left was index.html i just renamed it