Yesterday my site was hacked, luckily for us our hosting company spotted the file and blocked it, but how did they gain access to my site?
We had just changed password to another complex one. the admin account is not called admin. my ftp account is different to all the login account and so is the one for the hosting company.
So how did they drop a id.php file on my root, create a new admin account and a new forum folder inside my files?
Does 4.2.1 still have loop holes?
Is my hosting company to blame?
Or have I simply done something wrong with the security of my site?
Would really like some answers as more and more vbulletin sites are being hacked daily..
Thanks.
We had just changed password to another complex one. the admin account is not called admin. my ftp account is different to all the login account and so is the one for the hosting company.
So how did they drop a id.php file on my root, create a new admin account and a new forum folder inside my files?
Does 4.2.1 still have loop holes?
Is my hosting company to blame?
Or have I simply done something wrong with the security of my site?
Would really like some answers as more and more vbulletin sites are being hacked daily..
Thanks.
Comment