My site was recently compromised via directories with open permissions set by the Limbo CMS. Also there are some password security concerns which allowed a person to get to the CMS backend which I have taken care of.
This is a Mambo CMS written in PHP.
I was wondering if anyone had any tips for PHP security. I realize now that my directories were very open, allowing anyone to write php files to directories. I have corrected these.
Also, is there a way to limit which countries hit my site? The hackers were apparently from Vietnam (thats what came up when I googled the "tag" name they put in my content).
Are there logs I can look at to see what IP address was at my site and lock it out from there? Sorry I am a newbie to site maintainance.
