12 years 3 weeks ago
So I tried Phil Taylor's scan. There was a long list of issues, of which, when I worked through them, very few were significant. I'm not sure if I'm any further forward but for the sake of keeping the thread as useful as possible to anyone else looking at this and for my own review…
Here's what was found / what I did about it.
* Enabled the cache in the site configuration - followed the instructions given
* Changed the favicon: to complete once I work out where to insert the HTML code - followed instructions from a site for which a link was given
* Updated an extension - a routine thing, isn't it
* Protect the administrator URL with a .htaccess password - this looked like it might be significant but no clues were given about how you might achieve such a thing.
* Enable Gzip compression - followed the instructions given: seemed sensible for speed but nothing to do with security
* Remove files from tmp folder - just deleted them in Dreamweaver: seemed good housekeeping
* Checked suspect content in five files - the tools given with the audit allowed me to inspect the dodgy code; one was related to the code to upload things to Flickr, the others were Zen Grid's use of the eval() function: nothing malicious
* Reviewed and deleted PHP error log - nothing suspicious in it… more housekeeping
* Suggested installing Akeeba Backup - which I tried to do but it needs PHP 5.3 to be running and at best I'm running 5.2. I sent a note to my host provider
* Two other issues to do with the server environment and PHP configuration seemed minor and didn't come with any instructions on what to do about them, or else I couldn't follow them
* A suggestion to alter the default database prefix - came with a warning to back up the database first, which put me off using the tool provided to do the job, as I haven't been able to install the backup extension.
I also changed the username from admin to something less obvious.
Will any of that make any difference to the vulnerability of the site? I doubt it. I was hoping to see some gaping hole somewhere that would explain the five recent successful hacks… go figure.