View Single Post
Old 04 Jan 2017, 16:16
garyb12001 garyb12001 is offline
Join Date: Jun 2010
Originally Posted by RichieBoy67 View Post
I doubt it was the vulnerability. Once someone gains access to your file system they can exploit any file they want.
My bad - you were correct. Somehow, they got access to my AdminCP (which I renamed from default long ago) and were injecting PHP redirect code into the plugins. I have ensured there are no rogue admin accounts and all passwords have been reset and further secured my AdminCP with .htaccess and voila, the redirects have stopped.

Thankfully, the VPS my board sits on was not compromised in any way.
Reply With Quote