[pmwiki-users] Hacking (again!)

Erik Haagensen erik.haa at gmail.com
Thu Jul 31 06:59:40 CDT 2008

Our site has been vandalized a couple of times - that seems to be over now 
after putting in an "open" password for doing changes - like described in this 
However - the latest weeks there has been a change directly in the php-code - 
making references to a malicious site in one or another way (I'm not so good 
at this code stuff!).
I asked my servivce provider if there were possible to do changes in the 
system files on his server - and he replied that the security on the server 
was good enough - and that any hacking was possible because of  - I'll try to 
translate - 
"This type of hacking is due to security holes in the code - not on the 
server. We cannot do anything from our side. As a rule this is caused by badly 
secured schematic code / form code (??) "
I have problems argueing with them - partly because of my little knowledge 
about this - partly because of their attitude.
Anyone that has an idea about this problem ?
I've run the Site Analyzer and the only thing that came up was that 
?action=diag ... enabled 
No other vulnerabilities.
Erik Haagensen
NO-2550 Os i Østerdalen

More information about the pmwiki-users mailing list