Limbo Cms Security- Site Hacked

[timl]

My site was recently compromised via directories with open permissions set by the Limbo CMS. Also there are some password security concerns which allowed a person to get to the CMS backend which I have taken care of.

 

This is a Mambo CMS written in PHP.

 

I was wondering if anyone had any tips for PHP security. I realize now that my directories were very open, allowing anyone to write php files to directories. I have corrected these.

 

Also, is there a way to limit which countries hit my site? The hackers were apparently from Vietnam (thats what came up when I googled the "tag" name they put in my content).

 

Are there logs I can look at to see what IP address was at my site and lock it out from there? Sorry I am a newbie to site maintainance.

[TCH-Andy]

Welcome to the forums

 

If it has been compromised, you should reprovision the account completely from a backup from before it was compromised. You never know what little treats they have left behind for you.

 

If you download your raw log file, then you can see the IP addresses used to access your site. You can block ranges of IP addresses using .htaccess, but personally I would simply recommend that you maintain the latest secure versions of all scripts.

[TCH-JimE]

Welcome to the forums!

 

If I remember, Limbo CMS is based on mambo or joomla as you say. Make sure the files are up to date and that you have CHMOD correctley all files that a normal mambo/joomla install says you should do.

 

As Andy says above, block using your htaccess

 

JimE

[TCH-Thomas]

Welcome to the forum, timl.

[TCH-Don]

Welcome to the forum, tim

[TCH-Bruce]

Welcome to the forums

[TCH-Rob]

Welcome to the forums Tim. What a way to start your visitto the forums eh? Follow the directions above and you should be on the right track.

[stevevan]

Welcome to the forums! Anything I could add has already been mentioned.

[j2k4b]

Welcome to the forums...