This is more of a general type question/query.
I've just visited an efiction site* and I immediately get a virus/problem alert and the site redirects to Russia (charming). Now, I'm not suggesting that the security issue that allowed the site to get hacked is due to efiction (although I only get the redirect when accessing viewstory.php so far, not at the main index etc), but I'm wondering what would be the usual steps to harden up an install?
Personally, I've left the directory permissions as they were when I installed my site, but I'm wondering if there were some extra steps I should've taken.
I've sent an email to the admin and hopefully someone will see it (I'm not sure the site is active from an admin POV).
(* http://www.samandjack.net/fanfics/viewstory.php?sid=3309)
It looks like the site has the problem fixed.
Considering the redirect happened when looking at a story, the problem could be as simple as the story having the redirect, or even a comment. Of course, it could be more than that, but those would be the simple things that could cause it.
Julieann
Running 3.4.3 bridged with SMF and Coppermine
Mods: Challenges, cpg-art (not working), Limit Summary Length, Bio to Prefs, Top 20 instead of 10
Wants: Move Betareader to Prefs, Twitter
The best advice is to follow the install instructions ( https://efiction.org/wiki/index.php5?title=Installing_3.0) to the letter, mainly ensuring things are CHMODed correctly after install and deleting the install folder. Also, not bridging / modding with things that can open up security holes, and not allowing problematic HTML tags in text.
