Skyrocket in Flight

10/24/2008 | Back to Article

this page sucks

not working

I’m relatively new to EE, only having run the core version for my personal blog.

I’ve recently purchased a license for the website I’m building for a local school. I’ve been building the site in a test directory, so it’s not yet live, as they’re running an old WP site while I build the new one. Their old WP site was hacked into earlier this year, which is why they were eager to move to a more stable system, and why I recommended EE.

I’ve just had a rather disturbing email from my contact at the school saying that the webhost just notified them that following files were vulnerable and the site had been attempted to be hacked into:

system/cache/page_cache/admin.admin.php
system/cache/page_cache/mod_admin.admin.php
system/cache/page_cache/toolbar.menu.webadmin.php

The webhost wants the files deleted immediately or they will suspend the school’s entire domain.

I’ve cleared the cache, but they files are still there. Before I try deleting them through FTP or the Plesk control panel I thought I should check if these files part of EE? If they’re deleted, what will happen? Oddly enough my other EE site (uses EE Core, so don’t know if it makes a difference) doesn’t have anything like this listed and when I tried to download the files through my FTP client to take a look it gave a permission denied error…

And my next question is, what should I do next to make sure it doesn’t happen again?

Thanks for your help and advice,

testing some more

sdfg

Add a comment