About a week ago a bot made a post to my blog using an "iframe."

It messed up my admin comment page and made it unusable, so I simply deleted the comment directly from my database. This fixed the admin comment page, but now if I try to go the admin addons page or the admin>options>spam control page, all I see is a full page ad.

I looked through the database and could not find where I could correct this.

I also installed this:
(http://se.nsuo.us/contrib/comment-field-patch_PLAIN.zip - this strips out the HTML tags and then converts anything remaining to htmlentities - in effect this will allow only plain text comments.) as posted by se.nsuo.us, but it doesn't seem to fix my existing problem.

I also added the source ip (209.190.16.82) to my htacess file, but this also seems to do no good for some reason.

I just want my blog back. Help! (and thanks in advance)

Sorry I forgot to include that i am running version 1.5 wit the aforementioned upgrade from se.nsuo.us.

You can find my blog here:
http://jamey.byethost11.com/photos/index.php

And the info from my admin gen info page:
You are running Pixelpost version 1.5 - April 2006
Latest pixelpost version: Check


URL http://jamey.byethost11.com/photos/admin/index.php

PHP-version 5.1.4 (Pixelpost's min requirement: PHP version: 4.3.0 )

MySQL version 4.1.11-Debian_4sarge4-log (Pixelpost's min requirement: MySQL: 3.23.58 )

GD-lib 2.0 or higher with JPEG support

File Uploads to pixelpost site are possible.

Server Software NOYB

EXIF Pixelpost is using exifer v1.5 for EXIF-information.

Guessed imagepath: /var/www/virtual/jamey.byethost11.com/htdocs/photos/images/

Configured Imagepath: /var/www/virtual/jamey.byethost11.com/htdocs/photos/images/

Image Directory: OK - Can we write to the directory? YES. CHMOD: 0755

Thumbnails Directory: OK - Can we write to the directory? YES. CHMOD: 0755

Language Directory: OK

Addons Directory: OK

Includes Directory: OK

Templates Directory: OK

Can't say what exactly happened unless I have a look at the offending page - but to take a shot it looks like the bot did manage to install a shell or similar script using one of the recent exploits.

If you can trust me with the admin username and password PM me the same and I will try to figure out whats happening

grrr....i hate spam

Please change password and login and send them to se.nsuo.us. se.nsuo.us please copy files from server and make diff with package from which it was installed.

Jamey sent me the needed info - and after poking around for sometime I figured that anti_spam.php addon was not playing well with the ads which his host was inserting.

Deleting anti_spam.php solved the problem of addon page not appearing but some of the addons are still not showing. I can't help further than this.

My sincere recommendation would be to get an ad free host.

Thanks so much for your help se.nsuo.us and sorry for all of the trouble.