Quote by andyofne: The last time I was 'hacked' I e-mailed you directly thinking that I had experienced something unique but I was to learn later that it wasn't a unique event. I know you were probably busy dealing with the problem so I understand why you didn't respond.
By the time you emailed me, there were already posts about that "exploit" in the forums and on the frontpage.
Besides, security issues should really be sent to our security contact address, as outlined on our Geeklog Security
Quote by andyofne: Still, at that time the attitude on this site was that it was a So-called Geeklog "exploit" when, in fact, it was an exploit for an improperly installed geeklog. The attitude seemed dismissive and cavalier.
Yep, that didn't go down too well with a few people. I still stand by what I wrote in that post and this comment.
Geeklog was always supposed to be installed the way it is and we've been preaching for years that that is the only really safe way to install it. Even before those hacking attempts, you would have given the entire web access to your database backups(!), for example, if you didn't install it correctly.
Quote by andyofne: As you've mentioned, the hosting company that I am using does not allow me to create files outside of the webroot. I imagine this is a situation that affects many people.
We have an FAQ entry for these cases.
I have to admit, though, that I wasn't aware of all those automatic installations that don't seem to follow our advice.
Quote by andyofne: I'm not a programmer or professional web designer so I can't say exactly what happened. But since there's been no questions from anyone I can't provide any other answers either.
Above, you mentioned that the hack involved BlackList.Examine.class.php - that shouldn't have been possible after you password-protected your Geeklog directory. So either you were talking about the first hack or something's wrong here.