Hi,
The other thing I'd suggest is to give the system a good once over to ensure the hacker did not leave any trojan files. If so, any changes you do now may not have any effect if they've left a php or cgi script that will allow them back in at a later date.
Also, in addition to the IP restrictions, double check your .htpasswd files to ensure there are no new accounts that you don't know about. We've seen people add a new password to the list, and then changing your password won't help.
Cheers,
Alex
--
Gossamer Threads Inc.
The other thing I'd suggest is to give the system a good once over to ensure the hacker did not leave any trojan files. If so, any changes you do now may not have any effect if they've left a php or cgi script that will allow them back in at a later date.
Also, in addition to the IP restrictions, double check your .htpasswd files to ensure there are no new accounts that you don't know about. We've seen people add a new password to the list, and then changing your password won't help.
Cheers,
Alex
--
Gossamer Threads Inc.