These guys IP banned me from my own forum, www.rune-fox.net. They do not have ftp but they are still in control. How do I get rid of them?

Do you have access to the MySQL backend (e.g. phpMyAdmin)?

Oh You got hacked..hmmmm

I believe uploading the extra file "tools.php" will allow you to un-ban yourself. Once that is done add your self as a super administrator. And un-bannable.

Can you talk to your host and have them get you back on?

edit: Oh wait, you are just ip banned from the forums? I think the tools.php can help as stated above.

seems his own member turned on him... sad

$config['SpecialUsers']['undeletableusers'] = '';
$config['SpecialUsers']['superadministrators'] = '1';

Set those to include your user id in your config.php.

If you have ftp access to your files, rename the vBulletin installation folder.

This will at least stop them doing any further damage while you sort things.

if they dont have ftp access and you do then 1st thing i would do is rename the forum folder or index.php to something only u know.Will stop them accessing the forum till u can sort out your problem.

How have they got admin rights - was one of them admin and they banned you ?

How do I un-ip ban myself with tools.php?

--------------- Added 1206124218 at 1206124218 ---------------

I know how to remake the superadmin but I do not know how to un ban myself with tools.php

How do I un-ip ban myself with tools.php?

--------------- Added 1206124218 at 1206124218 ---------------

I know how to remake the superadmin but I do not know how to un ban myself with tools.php

OK. We all were leading you in the wrong direction. Sorry! The tools.php doesn't have the ability to remove an IP ban. Best bet would be using direct access to your database (BTW: Delete your tools.php from your server!)

I had a look at the forum before you disabled it and unfortunately it looked as if they had removed your admin status.
This means that even if you manage to log in, you'll not be able to get into the ACP.

I'd consider submitting a support ticket at vBulletin.com

I see you got the forum back? :D

when you do get back up, do this:

add an .htaccess file in your vBulletin attachments directory with the following in it:

<Directory /this/directory>
Options None
AllowOverride None
</Directory>

This will prevent rogue scripts from being uploaded as attachments and then executed. This CAN be done, despite what anyone thinks they know ;)

Yay, I have hacked back my website as I used tools.php and made my friend a super admin. He un ip banned me and the website is back up. I changed the name of index.php to secret.php the whole time so no one could get onto the website in between the times I was fixing it.

changing index.php does no good. you can still call any file directly.

I really REALLY ReAlLy need to write a security tutorial article here.

Please write one....

--------------- Added 1206128164 at 1206128164 ---------------

The guy is saying to everyone that I am nullified...

I know - and I've asked vb to check it out to prove them wrong.

what i would do right now (and i mean right now) is the following:

1. change any control panel passwords
2. change any FTP passwords
3. change your mysql username and password that's in the config.php script
4. COMPLETELY DELETE ALL FILES from your webroot directory and reupload all your vBulletin files and any mod files you have.

They never got my password for ftp.... Is there a 24/7 service for vBulletin? I want to talk to them....

I know they do have a service: but you'd better send a support ticket if you don't live if Canada - where is theor phone number?

I thank you all for the complete support....

some saddos on your board there really is.Seems quite a few of them where in on it.Also you do not have to proof to anyone on your board whether you have a license or not.Let them report you.So long as you are legit then you have nothing to hide so dont give in to their demands by providing proof because its simply none of their business.If u paid for the license then the only person who should have any concern is you and you alone.

Are you positive someone doesnt have FTP access?
Your site was weirded out when I viewed it...
first it shows active...
then it shows database error...
now its a redirect to Google...

You should get someone in there that can track and resolve the issue.
One thing I have done before to a forum is create a custom 'database error' page
which is a type of landing page for isolated banned members and IP's
That way, a certain group believes the forum to be down when its really not.
To make it work properly, you need to resolve proxies to true IP though.

If youre having difficulties, I advise shutting down the entire site until you can locate
the source of the problem.
Better to be offline for awhile than having your members deal with site and member problems.

It was restored then hacked again, it looks like FTP access to me.

did this get worked out?

Nope - Apparently the owner of a site and quarterx.org were having an arguement, but I can't say.