You might want to give just a little more information...why do you think you are hacked, what is happening, what is limited to only your ip address, etc,,,
In reply to Emma Richardson
Re: only my ip addresses allowed and still getting hacked
by christian turc -
I am using Moodle 1.19 on a GoDaddy hosted account. This app is available to install through the control panel. after installing this software my php files get changed. How do I prevent that? Is there a way I could password protect those files? Also I tried manually to install different versions of Moodle like 2.2, 2.3 or 2.4 but the results were the same or even worse. I was not even able to get back to my site. What should I do? and thanks for replying . Chris
I do hope you have either a full site backup or at the very least, course backups downloaded and archived.
For others who might find this discussion/issue ... Christain and I have had a 'side bar'. In that 'side bar' from what I gather, it appears GoDaddy installer script installs a version less than 1.9.19+ (highest/most secure of that series). After installation, it warns about setting the salt (which was introduce in version 1.9.6), it has php error reporting turned on, and installs moodledata in space directly accessible via the web. (appears to be installing 1.9.7). Even installing 2.2, 2.3, or 2.4 the moodledata folder should not be in a directory that is directly accessible via the web.
Not long ago, MS computers came with pre-installed malware from an OEM in the distrubtion channel. Wonder GD is now suffering something similar in that php files in whatever installer they have provided for customers has already been compromised.
Surely, if php files appear in your site, GoDaddy security folks would be able to at least investigate that and report finding.
Have already suggested he check into a GD VPS.
'spirit of sharing', Ken