Just started to get this this morning echo " "; echo " ";

[SecureAspects]

Just started to get this this morning, "echo " "; echo " ";" it shows up when logging into the admin side and when on the summary page it is under where the refresh whould show up whne you do a refresh, any one else have this?

[SecureAspects]

This was caused by an injection code gzinflate base64_decode, yes I was hacked, changed all my passwords and replaced all my files, looks like the mail culprit was in my language files. Hope this helps.

[Imran]

It is good that you were able to find and fix the problem, it is important for all of us to have proper file and folder permissions.

[pipingdesigners]

I've had several security issues over the last few months ... to the point where candidates and employees couldn't update profiles.

It always came back to .htaccess files, I seem to have hundreds of them.

Is there a guide anywhere as to exactly what security settings should be set (files and folders)?

Cheers.

[Imran]

Normally for folders it is 755 and for files it is 644.
But if it is required to edit and it needs 777 permission you should also change the group/ownership of the file so that it is difficult for others to write except the intended script.
Or you can even try 666 for files if it is needed to make them writable.