I have installed Suite CRM 7.2.1. Last night my Suite CRM installation was compromised and hackers had left malicious code(mostly base eval php functions) in several directories. I’ve upgraded my suite installation(to 7.2.2) and I have manually removed corrupted files.
Apart from directory permissions what other steps I can follow to tighten the security of suite installation?
Please share your thoughts.
Thanks,
Do you know how the system was compromised? Identifying where the gap was is the first step towards fixing the issue.
No I couldn’t trace how it was compromised. I’ve also installed Joomla in another directory. Even these files were corrupted.
I honestly doubt that this is a SuiteCRM security issue, I would look at changing passwords for all accounts that have access to the server. Unfortunately the largest risk is always people so do an inventory of who has access and make sure their accounts haven’t been compromised/issue new credentials, I would also look into any software you have recently installed on the server.
This is always a difficult issue, best of luck.