Quote:
1. FTP
2. WHM (have my own server)
3. X-cart Logins
|
When you say WHM - I am not sure if you are including your database passwords. If not - it is advisable to change those as well. Your config.php file has your db passwords in it and if someone had access to your site - they could have picked them up.
There have been no database exploits reported in this thread, but best to be safe.
It is really not advisable to go through your files one by one. Not only is it time consuming - it is inefficient. You could miss something. Talk to you host about the scripts in post
64 + the added advise in post
143. Also, send the last bit of advise (after "Dear recommended hosting providers") from Ene in post
139 to your hosting provider and see if they can implement that.