Hanna

Hello, first of all thank you guys very much for all these fast replys. It is not possible to use sql injection and XSS at my website, I have allready tried these two vulnerablilities my self because I know how they work. According to the attacker something in php.ini made it possible for him to gain entry to one of my user accounts and to deface the front page with a picture with his message.

Hello, My website has been hacked, and the attacker left a message saying: "your missing something in your php.ini if you want to prevent future hacks configure it right". I really dont like this, because my website means a lot to me. I use mysql as database. I have read the php.ini file, but I cant figure it out. Can you guys please help me by reviewing my php.ini? Thanks to everyone who helps me, Hanna My php.ini is attached as txt file. Maybe you need to open it in wordpad to view it right. [attachment deleted by admin]