is this a Hack attempt of just a error?

[annomander]

I've recently moved my site from one server/domain to another server and domain name.

 

I moved the database across by doing a SQL import in phpmyadmin and then altered the admin to account for new domain and email addresses.

 

A few days ago a Enom registration failed, and the password field in the module was set to some wierd characters, I thought it might have being some corruption and the enom at that time would have failed as I'd not updated Enom with my sites new IP anyway (a woops, forgot about that)

 

Just now I'd seen a password on an account also corrupted, this account is slightly suspect, the password showing is: W�j>%�:�

 

Now when I first logged into the admin on the new install after the move I did have to change the Charset as pound signs were showing up incorrect and changing it fixed it.

 

I just don't know if this an attack attempt or an corruption

I've gone through the logs and seen no suspect activity

 

And yes, the admin folder is changed and locked down with a htaccess IP block

 

Cheers all

[laszlof]

Did you copy over the configuration.php from the previous installation? Particularly, the encryption hash?

[annomander]

I believe I kept the new configuration file and copied across my iPhone APi key

[laszlof]

You need to use the same cc_encryption_hash from your original configuration or all your passwords/credit cards will be broken.

[annomander]

Ah thank you, as I only use paypal that wont be a issue. Thank you.

 

I not too concerned about clients passwords matching in whmcs with whm as I prefer them to change them to a password of their own once they've logged in.