Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By yosemite on
drupal 6.16, not all modules up to date
somehow the .htaccess and index.php files were changed. not sure if they came in through drupal or by ftp, possibly through captcha module as it was out of date?
the site was redflagged by google so firefox and chrome alerted visitors that the site contained malware
backed up db, deleted site and i am now reinstalling as it seemed really slow after restoring original .htaccess and index.php.
do you think they could alter the db?
Comments
=-=
doesn't at all mean they broke into your server account through drupal.
I check access logs around the time this is supposed to have occured.
if they were able to write to files it could be a server level security issue rather than a drupal one.
Also of note this isn't how security issues should be handled. see: http://drupal.org/node/101494
here is the modified php.ini
here is the modified php.ini file. anybody know what is going in here?
Entire pasting of php.ini removed.=-=
to post files to drupal.org use pastebin.com or drupalbin.com and link them here.
php.ini is a file that sets php settings. I don't believe it has anything to do with your issue.
have you checked your access files? the files that were altered have a date and time stamp. did you compare that date and time stamp with your access logs to narrow down how this happened?