www.apartmentdelsol.com / Joomla 1.5.23
A month or so ago my website was suspended because it was sending loads of spam mail. This was due to a contaminated php file - /modules/mod_wdbanners/sm3iv8.php - which was attacked via deficiency in the Joomla code (according to the providers). I Updated to Joomla 1.5.23 (from 1.5.12) by performing a clean install after deleting the live site. I removed the offending php file from old site files then reinstalled database, menus etc from the local version of the site that I had used in development.
I unintsalled the log-in module that allowed users to upload photographs and comment on holidays. Despite having no ability to log in, I am now getting requests to enable new 'users' - on examination, the 'users' are enabled without any admin intervention. I am simply deleting these people from the user list at the moment - the only usr is me, as super admin. What can I do to prevent a recurrence of the spam mail generated by non-exixtent users?
Cheers,
Barrie
