oak-grove

Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)

  • I think that I am now clean too, but I missed hqc.php because it as in the root structure, rather than in the blog subdirectory which I had cleaned.

    I only noticed it when the technorati feed for the domain started going bonkers with loads of sites pointing to my domain, all referencing hqc.php, and there have been hundreds of them. I’ve checked through a good number of them and not one of them has been 2.3.3, most have been much older. A lot of them also seem to be K2 style (which mine used to be), but that could just be because K2 is popular.

    So I’m almost certain that hqc.php is left over from before the 2.3.3 upgrade and that the site is now clean and that 2.3.3 is secure.

    I also changed all of my passwords to be sure that they were safe.

    There is more to this than just the insertion of code into your post. In the root of your site structure you may well find, as I did today, hqc.php.

    Your site will then be used within the code that is posted onto other’s sites.

    There are a now a whole load of sites with links hqc.php on my site, litterally hundreds of them.

    I’ve deleted it. I’m not a php coder so can’t understand what it is doing, but if anyone else wants to have a look I’ve kept a copy safe (off my site).

    oak-grove

    (@oak-grove)

    Since removing self registration I have not had the problem. Might be a good thing to try if you don’t need it.

    oak-grove

    (@oak-grove)

    I noticed a couple of security things that I could tighten down on – mainly stopping self registration and deleted some suspicious user accounts, so have cleaned up the entry highlighted previously. We’ll see what happens.

    oak-grove

    (@oak-grove)

    I too have this problem and thought that it was because I was behind a couple of revisions. I was on 2.3.1 so cleaned everything down and replaced it with 2.3.3 but I’ve still got the problem.

    Example: https://www.fulwoodfmc.net/podcasts/2008/03/02/the-tenants-andrew-gardner/

    It only ever changes the first post. It also changes the comments and ping settings off. If I clean the post down it comes back again within 24 hours.

    Is there something else I should be checking?

    Is there some other security settings I should be applying?

Viewing 5 replies - 1 through 5 (of 5 total)