PDA

View Full Version : Site Got Hacked twice in 1 week by same Hacker.

inqelaab.org
06-18-2011, 01:45 AM
My site got hacked twice by same hacker , my hosting company restore my site from the backup but now I am banned as admin and don't know how to change that. I have logged in by other user info who is also have administrative permission and I checked admin in user list and admin is not blocked. How can I protect my site form hacking and restore admin permissions?
final kaoss
06-18-2011, 03:39 AM
Firstly change your passwords on:

*any admin account
*your mysql database password
*your cpanel/ftp password

Then open up the config and do this.

First, change the admin cp url.

// ****** PATH TO ADMIN & MODERATOR CONTROL PANELS ******
// This setting allows you to change the name of the folders that the admin and
// moderator control panels reside in. You may wish to do this for security purposes.
// Please note that if you change the name of the directory here, you will still need
// to manually change the name of the directory on the server.
$config['Misc']['admincpdir'] = 'admincp';
$config['Misc']['modcpdir'] = 'modcp';

And secondly edit this part of the config file to your needs.

// ****** USERS WITH ADMIN LOG VIEWING PERMISSIONS ******
// The users specified here will be allowed to view the admin log in the control panel.
// Users must be specified by *ID number* here. To obtain a user's ID number,
// view their profile via the control panel. If this is a new installation, leave
// the first user created will have a user ID of 1. Seperate each userid with a comma.
$config['SpecialUsers']['canviewadminlog'] = '1';

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.
$config['SpecialUsers']['canpruneadminlog'] = '1';

// ****** USERS WITH QUERY RUNNING PERMISSIONS ******
// The users specified here will be allowed to run queries from the control panel.
// See the above entries for more information on the format.
// Please note that the ability to run queries is quite powerful. You may wish
// to remove all user IDs from this list for security reasons.
$config['SpecialUsers']['canrunqueries'] = '';

// ****** UNDELETABLE / UNALTERABLE USERS ******
// The users specified here will not be deletable or alterable from the control panel by any users.
// To specify more than one user, separate userids with commas.
$config['SpecialUsers']['undeletableusers'] = '1';

// ****** SUPER ADMINISTRATORS ******
// The users specified below will have permission to access the administrator permissions
// page, which controls the permissions of other administrators
$config['SpecialUsers']['superadministrators'] = '1';