Quote:
Originally Posted by molarmite
Patch was not as successful as I would've liked. Less than a week after it's released, our site was hacked again. I'm not sure what to do anymore.
|
If the attempt just occured, you should have log files available to you that are very recent. My suggestion is still the same as originally mentioned. Those log files will tell the site admin exactly what was hacked on the server and how the attempt occurred. If it was exploiting some other site script, it will say so. If it was by knowing the FTP account/password that gives full site access then I would still suggest what I said before about using an account solely for team exports on the site that has no HTML access.
No matter what, the logs will easily provide the site admin a set of footprints that can be followed to know exactly how they got in so you can fix it for next time.