Hi all,
This thread was getting out of hand, so I closed it down.
The MacRumorsLive feed was compromised as described. The cause of the security breach is best described as "user error" due to admin files being inadvertently mirrored across multiple server instances with incorrect permissions. This allowed php code to be displayed rather than executed, which was clearly a "bad thing". Our actual admin panel is password protected, of course.
This is just a live and learn event, we'll try not to make the same mistake next time.
arn
This thread was getting out of hand, so I closed it down.
The MacRumorsLive feed was compromised as described. The cause of the security breach is best described as "user error" due to admin files being inadvertently mirrored across multiple server instances with incorrect permissions. This allowed php code to be displayed rather than executed, which was clearly a "bad thing". Our actual admin panel is password protected, of course.
This is just a live and learn event, we'll try not to make the same mistake next time.
arn