I fell prey to to a hack last night. Instead of displaying my site I got a : "syntax error unexpected > in index" message. Not too sure about the exact message I was in a hurry to get the site back up. The site has been restored.

I made all of the changes recommended by the RSFirewall SYSTEM CHECK today (I know, a day too late). Is there anything else that will help prevent future attacks?

One other thing. The SYSTEM CHECK gives the following message: "Your PHP configuration is not secure."

When I click the button the fix the problem and rescan I get the same message.

Thanks much.

John

Hello,

The hack you've experienced came from a virus on your computer. This type of virus has become very common - it "sleeps" on your computer until you connect to your website's FTP. When it detects a FTP connection, it stores the username, password and host and automatically connects and modifies all index.php, index.html, default.php (default index files) in all directories by adding a line such as (just an example):
You need to:
1) Change your FTP password;
2) Clean your computer of the virus (and all computers you used to connect to the FTP account).
3) Replace the infected Joomla! files with the original versions from the Joomla! installation package. You can use RSFirewall! to check files for integrity and if you find anything that doesn't match, replace it.

The fix for the PHP configuration check does not work on all servers. It tries to create a new php.ini file in the root of your website (with secure php settings) and if the server allows this, it will read the new php.ini.
If you get the message again, then it did not work on your server. You can contact your hosting provider, send them the php.ini located in the root of your Joomla! folder and ask for further assistance.

Regards!