View Full Version : Site constantly being hacked.


soulz2003
04-27-2012, 03:37 PM
We are being bombarded with this person who thinks it funny to alter the website.

I am not sure what is going on. At first he found an exploit with vBadvanced. Now he managed to with the vBulletin forum system. We are running 4.1.9

Thanks

ForceHSS
04-27-2012, 03:46 PM
It is more than likely one of your plugins that is letting him in. Check the server logs from your host to see how he is doing it.

borbole
04-27-2012, 03:47 PM
We are being bombarded with this person who thinks it funny to alter the website.

I am not sure what is going on. At first he found an exploit with vBadvanced. Now he managed to with the vBulletin forum system. We are running 4.1.9

Thanks

How were you hacked? I mean, what type of hack was it? If I were you, I would contact the hosting company and ask them to check the access logs and see how the hacker was able to get in. In the meantime, do a thorough scan/checkup of your server space and database and change all your passwords (forum admin, FTP and cPanel). Also scan your PC too with an antivirus/antispyware.

If your db is damaged then restore your most recent one from before the hack and upgrade your forum a.s.a.p.

soulz2003
04-27-2012, 03:50 PM
Yeah, we do daily backups; that's not the problem. Right now I cannot since I am at work and they filter out my own site :p

That is a good idea; I will have to check with our hosting company.

ForceHSS
04-27-2012, 03:55 PM
That is a good idea; I will have to check with our hosting company.
You're welcome.

soulz2003
04-27-2012, 04:24 PM
Ah, I think I know what he is doing. He is forwarding our entire domain to his Turkish website.

In the morning he only fiddled with our VBA index.php but now he forwarded the entire site over.

ForceHSS
04-28-2012, 01:03 AM
Did he get into your hosting site?

soulz2003
04-28-2012, 06:20 PM
I upgraded the vBulletin. It was 4.0.9

He altered our htaccess. Set it up to forward it to his website. How can you gain entry to that?

I hope the vb upgrade helped.

ForceHSS
04-28-2012, 07:13 PM
If he got access to the htaccess file, then that means he has got into the FTP or some other way into the db files. Change all passwords to everything, talk to your host and ask them to check server logs to see how he got in. Then your host can block him from the server level.

borbole
04-28-2012, 08:39 PM
I upgraded the vBulletin. It was 4.0.9

He altered our htaccess. Set it up to forward it to his website. How can you gain entry to that?

I hope the vb upgrade helped.

Most likely he got access through the server. Did you ask your host to check the access logs?

soulz2003
04-28-2012, 10:46 PM
The host is not really being helpful. It only shows the last 20 users logged in. I asked them to increase the number but they can't.

I am changing the FTP info.

blind-eddie
04-29-2012, 12:08 AM
Log in to your cPanel and check FTP sessions. If you are not using FTP, there should be none active. If there is one active that is not yours, terminate it.
Then change your host cPanel password; doing so will change FTP login details as well.
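
An added example, not part of any post in this thread: one way to audit an .htaccess file for the kind of change described above, by flagging redirect-type Apache directives whose target is a host you do not own. The function name, the sample file contents and the example.org / example.net hostnames are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Apache directives that can send a visitor to another URL.
REDIRECT_DIRECTIVES = {"redirect", "redirectmatch", "redirectpermanent",
                       "redirecttemp", "rewriterule", "errordocument"}
URL_RE = re.compile(r"https?://[^\s\"'\]]+", re.IGNORECASE)


def external_redirects(htaccess_text, own_hosts):
    """Return (line_no, directive, host) for redirect-type directives
    whose target URL points at a host not covered by own_hosts."""
    own = {h.lower() for h in own_hosts}
    findings = []
    for line_no, raw in enumerate(htaccess_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments
        directive = line.split(None, 1)[0].lower()
        if directive not in REDIRECT_DIRECTIVES:
            continue
        for url in URL_RE.findall(line):
            host = (urlsplit(url).hostname or "").lower()
            # A host is "ours" if it equals, or is a subdomain of, an own host.
            ours = host in own or any(host.endswith("." + h) for h in own)
            if host and not ours:
                findings.append((line_no, directive, host))
    return findings


# Constructed sample: a normal canonical-host rewrite plus two injected lines.
SAMPLE = """\
# constructed sample .htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} ^forum\\.example\\.org$ [NC]
RewriteRule ^(.*)$ http://www.example.org/$1 [R=301,L]
RewriteRule ^(.*)$ http://redirect-target.example.net/ [R=302,L]
ErrorDocument 404 http://redirect-target.example.net/landing
# Redirect 301 / http://commented-out.example.net/
"""

if __name__ == "__main__":
    for line_no, directive, host in external_redirects(SAMPLE, ["example.org"]):
        print(f"line {line_no}: {directive} -> {host}")
```

Run it against every .htaccess in the web root after restoring from backup, and again after changing passwords, so a re-injected redirect is noticed quickly.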