Quote:
Originally Posted by bmvw  It is very important to look for the backdoor!
Look thru the logs for a POST to an odd-named file. The datestamp on the altered PHP files will help you find it in the raw logfile
also, htaccess ban the offending IP ranges |
My logs are only for 24 hrs.