QSIm5f <a href="http://bxvnzzcpfqxg.com/">bxvnzzcpfqxg</a>, lefpyqqftsvo (http://lefpyqqftsvo.com/), dyalongkqzay, http://lmeoycizmjem.com/

Hi Drew,

Thanks for joining the forum!

You do have a nice-looking website. It was in my database (the virtual gallery) already. Your "Culture" section, in particular, is pretty unique among church websites. I'll be adding it to the "Seen and noted" section of Great Church Websites in another day or so.

What's up Drew? Nice to finally meet ya. I always wondered who the mastermind behind Kaleo Church was.

You guys have a great site. I think it's real cool to see a pastor who realizes the potential of the web, let alone have one that helps build and cast the vision for it. You guys have got a ton of great content on it.

I'm excited to discuss strategy and learn from some of your successes and failures in building your site.

I can tell you one failure right now. The last two weeks we've had two people hack our site. Somehow through php there are vulnerabilities.

So my next project is to figure out how to solve this. My isp said:

I regret the inconvenience you faced. However, the hack would only be possible with php scripts being used in your webspace which have access information to your webspace. There are no protective measures we provide, only way would be to disable php on your webspace.

So I'm back to square one.

Turns out the culprit was the phpBB2 forum. David you may want to upgrade this site.

http://www.phpbb.com/phpBB/viewtopic.php?t=248046

Thanks, Drew, for the heads up (that is, the warning). I'll get busy and research the problem.

Fortunately, there's little if any personal data on my site for a hacker to get at.

If a hacker wanted to deface my site (as another example), given the low number of visitors per day, it doesn't seem like it would be worth the effort.

Nevertheless, your warning got me looking through the announcements on the phpBB forum, looking for security fixes I need to make. I've already made some; others I'll make tomorrow.

This forum uses v2.06. Seems the current version is 2.07; it contains a number of security fixes.

Sincerely,

David Gillaspey
President
Great Church Websites

My mistake. Current version of phpBB2 is 2.011. As before, it contains a number of security fixes. Today (12/28) I'll attempt to upgrade this forum to phpBB 2.011.

Also, Drew, make sure your hosting company is running php version 4.3.10. That version fixes or stops the security problem mentioned above, as you probably already have learned. Fortunately, my hosting company, www.midphase.com, is running v4.3.10.

If your hosting company is running an earlier version of php yet says to you

&lt;&lt; I regret the inconvenience you faced. However, the hack would only be possible with php scripts being used in your webspace which have access information to your webspace. There are no protective measures we provide, only way would be to disable php on your webspace. >>

then you might want to switch hosters ASAP.

Sincerely,

David Gillaspey
President
Great Church Websites