Submitted by Andrew Berry on Wed, 12/28/2011 - 4:33pm

Sounds like it was probably a general PHP hack, and not anything Drupal specific. However, anyone still running 4.7 is asking for trouble.

This is a great example of why sites should be deployed with version control or rsync. Git especially is strong in this regard as even if the hacker changes the contents of your .git directory, the hashes will all be off. Usually in a case like this detecting changed files becomes as easy as "git status", and you can set up monitoring to alert you of any discrepancies.

Hopefully by "FTP" you mean "SFTP". There's no good reason to allow unencrypted access to your servers. All it takes is one person to connect on a public wifi network and your site can be pwned. If your server is defaulting to enabling FTP, the first thing you should do is disable it. These days client support is not even an issue, as virtually every GUI FTP client also supports SFTP.

The content of this field is kept private and will not be shown publicly.
About text formats

Plain text

  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.