I will give it a try later today.. Sure it was done through the form and not through FTP?
Nearly positive. I was told by the hacker it was done through the login form. First he modified the login page, then probably grabbed my SQL login through a similar manner.
Or... that's just a red herring. I highly doubt a SQL exploit can modify web pages.
I never said it was an SQLi. I just know it used the login form that uses an SQL database, and he just managed to grab my SQL info for other purposes after breaking my form.
do you have brute force protection as well? because someone can just run bruteforce until it pops a correct user and pass.
That isn't the issue here.