<font size="2">hi every body

i get hacked for two day ago and i know that the hacking is by changing the
spacer_open templates

i fix the hacking but
the question is ?

how they change this templates
by which method
and what is the best way to prevent that
and how i can check my forum for other bug
specially the bug they use in hacking spacer_ open

regards
Eng. Ali Hashim </font>

Most likely, they are gaining access through an insecure PHP script, or vBulletin modification.

how i can ... know what is the insecure PHP script, and/or vBulletin modification.
cause this problem ?

and if u thought that the hacker was upload an php shell
how can i discover it ?

thank u very very much for ur replay

best wishes
Ulkahf Group & network

You can look through your apache access_logs from around that time that you got hacked and see if anything shows up there. You may have to talk to your host about finding out how they did this and you should do that soon since most logs are only kept around for a couple of days.

thanks very much I'll do that soon