-version 0.7.26 maybe? The last one before actual version.
-All my plugins are from e107.org or other free deplovers.
-I don't really know what you mean with that. If you mean my hosting, I have SSL support but I'm not using it. Apart of that, nothing else, just normal login into parallels plesk panel 10.3.1 and phpMyAdmin 3.4.1 (I have really strong passwords)
-Yes, this is the first time.
I can't past all the code because the forum is not letting me, Its something like this:
First off -- you should upgrade to 1.0.0. I don't think anything has changed from 0.7.26 to 1.0.0 that is different as far as "getting hacked" is concerned, but there's really no reason not to upgrade.
Secondly, just because a plugin is listed here on this site does not mean it is safe, nor does the author of the plugin have anything to do with the plugin being safe or not safe. It's all in the manner it was coded. Most "unsafe" plugins were removed from this site, so you should be fine with getting them from here.
As far as security features, I was more talking about a modified .htaccess file or utilizing something like ZBBlock. Both of these things are talked about on the wiki.
I can't be sure the plugin you mentioned is the cause, but it's the only "logical" reason you have mentioned so far.
Finally, I would recommend removing the bad plugin and installing some sort of protection on your site (modified .htaccess file or ZBBlock). If you don't feel comfortable with doing this contact your webhost.
Following the instructions in the thread that is in my signature won't hurt, but it's possible that it's overkill in this situation.
The same error even with new installation with new directory and database. [-link-]
I have no idea whats going on. On installation everything was, I've typed al data for the "database" acces and was all good, I "hit" OK and then that error comes out. Could be a database reading error?
For starters, look into Incapsula. I just put two of my sites through them and so far, I am happy with the results. They help block this kind of thing along with known malicious bots, cross site scripting, etc.
The first thing you should do is try and see what IPs the requests were coming from and block them in your .htaccess as Septor suggested.
I don't know about your PHP error, honestly. I got the same thing on my main domain and didn't put much investigation into it. It works on my development domain just fine and they are both on the same server rack.
All product names mentioned herein are the trademarks of their respective owners. In addition, images, logos, pictures or other material may be trademarks or registered trademarks of their respective owners. Emote images by seb, released under the GPL license. With the kind support of Corllete Lab Studio. Forum Icons by Axialis Team.