Hi,
i had a site hacked last night after only 6 weeks beeing online and fully updated. Even with admin tool installed, think i go back to apache2 security module.
EDIT: The admin tools htacess rules had been disabled by me for debugging purposes and i forgot to put them back in. So its not admin tools fault!
Anyway, i am screening the apache2 logs for the entry point and see tons of this messages in the error log:
[Mon Jun 12 00:44:47 2017] [error] [client 46.118.158.86] PHP Notice: Undefined property: Gantry
::$belatedPNG in /path_to/jsite/libraries/gantry/features/belatedpng.php on line 44, refe
rer: http://videochat.cafe/
I suppose "$belatedPNG" is an global variable and those scripts try to exploit a hopefully fixed gantry exploit?!
best regards,
Arnd