6 Mar
2013
6 Mar
'13
2:48 p.m.
Hello,
On Wed, Mar 06, 2013 at 02:41:45PM +0000, Andy Bennett wrote:
In this case the customer (just) removed Wordpress.
I think it is highly likely that Wordpress was the source of the
compromise, and that the compromise extended no further than writing
some content into Wordpress's wp-content directories, but if it were
my host then I would be wanting to confirm that, indeed.
Unfortunately I can't justify keeping a paying customer's service
disabled once they have removed the thing that the abuse reports
were about.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
This does beg
the question, how can you be happy that your machine isn't
still compromised.
Who's machine? AIUI, the compromised machine was reinitialised.