Hej, I have a backup of everything: The installed scripts, changed files, access log. I can send them to you if you like.
There were two IPs involved, and the script installed another script which was accessed with POST-requests several times, and finally deleted. As the apache-user has quite limited rights and the system was updated nothing severe should have happened. We checked all files which have been changed during the 10 minutes of the activity, and found nothing than two manipulated files. @Nuno: What URL should we use instead? //Holger On Thu, Aug 23, 2012 at 7:32 PM, Maarten Dammers <[email protected]> wrote: > Op 23-8-2012 19:21, Maarten Dammers schreef: >> >> <something> > > For the people with an over-active spam filter: > http://lists.wikimedia.org/pipermail/wikilovesmonuments/2012-August/003666.html > > Maarten > > > > _______________________________________________ > Wiki Loves Monuments mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikilovesmonuments > http://www.wikilovesmonuments.org -- Styrelseledamot, kassör Wikimedia Sverige Box 500 SE-101 29 Stockholm Org.-nr. 802437-8310 http://www.wikimedia.se/ _______________________________________________ Wiki Loves Monuments mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikilovesmonuments http://www.wikilovesmonuments.org
