My forum was hacked yesterday and all the PHP and index.htm files on my site replaced by the NeverEverNoSanity page. I deleted all the files and replaced with backups and checked here for a new version of the forum. This morning I spent a couple of hours upgrading from version 2.0.10 to 2.0.11 (a long job as my forum is heavily modified).
The next thing I know is the forum is disabled at the server and I received this email message from my host's abuse department:
"You have not upgraded phpBB and the result is our server has been breached. We have suspended access to your forum to prevent the hacker re-gaining access.
You must not re-enable this forum as it has serious security holes."
My question is, does version 2.0.11 fix the problem with NeverEverNoSanity worm? My host denies any responsibility for the security breach and I may end up losing the (expensive) hosting that I have for my forum (16500 members). I don't want to risk re-enabling the forum (if I even can?) if it means I lose my host, but I really want to get the site back online...
Not what I wanted for christmas