Hi Kenblog.

Change your password ASAP! Make sure other CMS in your site is secured from exploits like SQL INjection, RFI and more.

If you have other CMS other than B2evolution example Joomla (unsecured SQL injection), they could get in to your system using SQL Injection and get your admin password in b2evolution.

B2evolution is not using any salt hashes encryption type. just normal md5.

good luck

Thank you. I changed my password.

what's your blog site?

http://ethicalego.com/Relations/blog4.php

when you say "a hacker posted ... I found them from email" ... did the hacker make a post or did they make a comment/use the message form ?

Jmcausing, md5()++salt() is as safe as any other form of encryption ;)

¥

I receive email notification each time someone posts a comment to a post so that I can edit or delete or accept the comment. I clicked on the comment line and it opened up a recent post that I had not written and comments to it. The post did not appear on the list of posts in my admin section. I deleted it and changed my password and I have had no repeats. It was a mistake to delete the entry, because it prevent my host from tracing the problem.

If it happens again, don't delete the post and come back here ... tad hard to help with a deleted post, sorry

¥