[RESOLVED] Migation plesk 9 to virtualmin, and after one hour a website have been hacked


i’ve seen something différent betwenn plesk9 and virtualmin

i use joomla for website

on plesk 9 the files have the right rw-r–r-- (Write for owner)
and the dir have rwxr-xr-x
and the files was not update by a php page

on virtualmin i’ve to do r–r--r-- for the files
and r-xr-xr-x for the dir

do you think a rw-r–r-- and rwxr-xr-x can be the raison of the hack ?

What is the good acces right to put on file and dir ?
and to public_html ?



the site have been hacked because a php page was not secure.

i’ve simple search the php of the hacker on the access log apache.

now the server is secure, and i’ve set valid right on the website files and dir.