URL to your eFiction: http://www.sucker-love.com/fanfic/
Version of eFiction: latest
Hello all! First, thank you for the help, our archive is up and ready to roll. Now, we were hacked last time so I would like to know which steps we can take to make the archive as safe as possible.
I saw in one of the posts that config.php needs to stay, but it doesn't need to be chmoded to 666 after install. How shall I chmod it then?
One more thing. I would also like to know which files I can safely delete after the install. I'd like to clean out everything that isn't necessary. Here's a list of what we have (I marked with x the files that I already suspect we can delete):
admin.php
authors.php
browse.php
contact.php
config.php
header.php
index.php
maintenance.php
news.php
x README.txt
reviews.php
rss.php
search.php
series.php
stories.php
template.php
toplists.php
update.php
user.php
viewpage.php
viewseries.php
viewstory.php
viewuser.php
admin
admins.php
authorfields.php
backup.php
blocks.php
build_formjs.php
categories.php
censor.php
characters.php
classifications.php
custpages.php
featured.php
genres.php
index.php
links.php
lock.php
mailusers.php
maintenance.php
manual.php
members.php
messages.php
modules.php
news.php
noletter.php
panels.php
phpinfo.php
ratings.php
settings.php
skins.php
stories.php
submitted.php
update.php
validate.php
versioncheck.php
viewlog.php
warnings.php
yesletter.php
blocks
x? countdown.zip
index.php
blockscategories
admin.php
categories.php
en.php
index.php
init.php
blockscountdown
admin.php
block.php
en.php
index.php
init.php
x README.txt
blocksfeatured
admin.php
en.php
featured.php
index.php
init.php
blocksinfo
admin.php
en.php
index.php
info.php
init.php
blockslogin
admin.php
en.php
index.php
init.php
login.php
x README.txt
blocksmenu
admin.php
en.php
index.php
init.php
menu.php
blocksnews
admin.php
en.php
index.php
init.php
news.php
blocksonline
en.php
index.php
init.php
online.php
x README.txt
blockspoll
admin.php
bar.jpg
en.php
index.php
init.php
poll.php
pollarchive.php
x README.txt
blockspollbars
000_bar.jpg
009_bar.jpg
06F_bar.jpg
369_bar.jpg
909_bar.jpg
960_bar.jpg
999_bar.jpg
bar.png
C69_bar.jpg
dk_brown.gif
dk_green.gif
dk_red.gif
F90_bar.jpg
FF0_bar.jpg
lt_green.gif
orange.gif
x? Thumbs.db
blocksrandom
admin.php
en.php
index.php
init.php
random.php
blocksrecent
admin.php
en.php
index.php
init.php
recent.php
blockssearch
index.php
init.php
search.php
blocksshoutbox
admin.php
archive.php
en.php
index.php
init.php
x README.txt
shoutbox.php
blocksskinchange
index.php
init.php
skinchange.php
browse
authors.php
categories.php
characters.php
class.php
featured.php
index.php
ratings.php
recent.php
series.php
titles.php
toplists.php
default_tpls
browse.tpl
categories.tpl
challenges.tpl
challenges_title.tpl
comments.tpl
default.tpl
favcomment.tpl
footer.tpl
header.tpl
index.php
index.tpl
listings.tpl
newsbox.tpl
printable.css
printstory.tpl
profile.tpl
x README.txt
reviewblock.tpl
reviews.tpl
series_title.tpl
storyindex.tpl
style.css
user.tpl
variables.php
viewstory.tpl
x? docs
adminmanual.htm
adminmanual_en.htm
blocks.sql
convertingskins.htm
creating_blocks.htm
creating_skins.htm
default_panels.htm
gpl.txt
index.php
messages.sql
NewFeatures.txt
optimize.sql
pagelinks.sql
panels.sql
settingstable.sql
Skin Changes 2.0 to 3.0.txt
tables.sql
upgade11_step10.sql
upgade20_step10.sql
upgrade11_step10.sql
upgrade11_step4.sql
upgrade20_step10.sql
upgrade20_step4.sql
images
aim.gif
aimoff.gif
arrowdown.gif
arrowup.gif
blueribbon.gif
check.gif
dislike.gif
frown.gif
halfcheck.gif
icq.gif
index.php
lightbulb.gif
like.gif
lj.gif
locked.gif
msntalk.gif
print.gif
redribbon.gif
reviews.gif
roundrobin.gif
row_off.gif
row_on.gif
shades_smile.gif
silvertrophy.gif
smile.gif
star.gif
starhalf.gif
Thumbs.db
thumbs_down.gif
thumbs_up.gif
trophy.gif
X.gif
xml.gif
yim.gif
includes
button.php
x? button.zip
categories.php
class.TemplatePower.inc.php
corefunctions.php
dbfunctions.php
deletefunctions.php
emailer.php
get_session_vars.php
index.php
javascript.js
members_list.php
mysql_functions.php
mysqli_functions.php
pagesetup.php
phpmailer_include.php
plain.button.php
queries.php
reviewform.php
seriesblock.php
seriesreviews.php
smtp_include.php
storyblock.php
storyform.php
upload_class.php
includescFonts
artisregularttnorm.ttf
Browning.ttf
bubblesoft.ttf
cookieitalic.ttf
debussy.ttf
felttip.ttf
fonts101.txt
includeslanguage
index.php
phpmailer.lang-en.php
languages
en.php
en_admin.php
modules
index.php
moduleschallenges
admin.php
adminfunctions.php
authorof.php
browse.php
challenges.php
challengesby.php
deletestory.php
deluser.php
index.php
install.php
otherresults.php
seriesblock.php
seriestitle.php
stats.php
storyblock.php
topchallenges.php
uninstall.php
update.php
version.php
moduleschallengesdefault_tpls
challenges.tpl
challenges_title.tpl
moduleschallengeslanguages
en.php
skins
index.php
skinsCSSZen
challenges.tpl
footer.tpl
header.tpl
index.php
index.tpl
listings.tpl
newsbox.tpl
x? README.txt
reviewblock.tpl
style.css
user.tpl
variables.php
toplists
default.php
index.php
user
contact.php
editbio.php
editprefs.php
favau.php
favlist.php
favse.php
favst.php
index.php
login.php
logout.php
lostpassword.php
manageimages.php
manfavs.php
profile.php
queries.php
register.php
reviewsby.php
revreceived.php
revres.php
seriesby.php
stats.php
storiesby.php
Sorry if I'm being a pain and thanks for any clues you can give me π
The instructions says just to get rid of the install folder and possibly the bridge data if its not in use, otherwise it's pretty secure should you have the latest version and another version update ought to be forthcoming should anything be left out.
I am rebuilding efiction! Join us on irc! #efiction at
Feel free to delete any blocks you're not using and any docs. You just can't change your mind then. I would keep a backup somewhere in case you needed it later.
Thank you Itanshi, Tammy π I'll experiment with those blocks and docs. (If I delete some of those .sqls, say, and leave the script running, will something terrible and unsolvable happen? Or will I be able to back it up safely?)
What do those .sqls do, anyway? Do they generate the tables etc and then just lie there idly? Because I don't think we'll be making any major changes.
What about the chmod in config.php then? And is there sensitive information anywhere else?
[ / is a pain in the... footer ]
You can delete them. They're there for people who want to or must create/update the tables manually instead of using the install or upgrade scripts. You can delete everything from the docs folder. As I said, I'd keep a backup somewhere offline in case you need to refer back to it or use it later.
Lovely <3<3<3 Will do. Thanks a bunch again! π
