jgbiggs

Don't know if this is the correct forum... but here goes. Some time on the afternoon of 11/09/2005 someone gained access to my account and changed (as far as I can tell nothing else) the index.php file on my wordpress blog. I noticed this the next day, changed the password to the site, and had tech support restore my userspace from a back up a few days prior. Aside from the hacker somehow guessing my password, how elese could this have happened? Is there some other security measures I could have taken?

Currently the database name is foamdep_photoview and the only user is foamdep_photovie Do they -have to- match? the username is missing the "w" due to a length limitation. I am somewhat familiary with the set up of a mysql database on TCH, since I have done it for a blog in the past.

I found that I could run the following: <?php phpinfo(); ?> as a *.php script to determing the config options of php. I got this: './configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-xml' '--enable-bcmath' '--enable-calendar' '--with-curl' '--with-dom' '--with-dom-xslt' '--with-dom-exslt' '--enable-exif' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr' '--with-xpm-dir=/usr/X11R6' '--with-gettext' '--with-imap' '--with-imap-ssl' '--with-kerberos' '--with-mcrypt' '--with-mhash' '--enable-magic-quotes' '--with-mysql=/usr' '--with-openssl' '--enable-discard-path' '--with-pear' '--enable-xslt' '--with-xslt-sablot' '--enable-sockets' '--enable-track-vars' '--with-ttf' '--with-freetype-dir=/usr' '--enable-gd-native-ttf' '--enable-versioning' '--enable-wddx' '--with-zlib So seemingly all the requirements are met. Any other ideas?

I am trying to install photoview-3.4 to evaluate it for possible use as a photoblog. Here is a list of requirements: * MySQL database (http://www.mysql.com/) * PHP 4 (http://www.php.net/), compiled the extensions: * MySQL database (--with-mysql) * Sablot, XSLT processor (--with-sablot) * DOM XML API (--with-dom and --with-zlib) * Image Magick (will use /usr/bin/X11/convert) This is the error I get when trying to set up the database from a script in the package. Warning: dl(): Unable to load dynamic library './xslt.so' - ./xslt.so: cannot open shared object file: No such file or directory in /home/foamdep/public_html/photoview/photoview-3.4/admin.php on line 29 PhotoView sanity check failed: * Cannot connect to database on server 'Array' with user 'Array' (password not shown) This is the offending line in admin.php: dl("xslt.so"); I have already set up a database and a login/password and let the script know about per the instructions. ? Is TCH's php complied with the above options? Please confirm. Thanks.

I am no expert on .htaccess and all that it can do. But somehow I was test driving some photo-blog software on my site that I now wish to delete. It will not. What sort of things do i need to do in order to get this off my space? I can't even overwrite the (what I think is) offending .htaccess file.