PDA

View Full Version : Forum hacked. Admin password changed and templates altered.


prof3ta
07-18-2013, 03:17 PM
Ive fixed it since, but It will happen again unless I figure out how they managed to do it. Basically the admin password is changed, the templates are modified to include a php redirect, particularly the footer template.

Any ideas on how to tackle this one?

ForceHSS
07-18-2013, 06:55 PM
Any custom plugins can allow anyone get into your admin panel if not coded right. Check server logs to see how they got in you might need to get in touch with your host for the logs

Lynne
07-19-2013, 02:17 AM
Check your access_logs (if you don't know where they are, ask your host) from around the time this happened to see if they used a plugin to do this. Also, have your host look at the server logs and see what other IPs have logged on via ftp or ssh.

CAG CheechDogg
09-02-2013, 05:58 AM
Also do a user search and search for all administrators, moderators and honestly look at all the permissions in your usergroups. Someone could of created an extra admin account and that is how they are getting in.

You might want to also rename our admincp to something else.

Bubble #5
09-02-2013, 04:26 PM
You might want to also rename our admincp to something else.

When you change the name, do you just change the name of the ACP folder and the config file, or do you need to change it other places also?

@OP, there is a admin hack that helps prevent breakins. Every time someone logs into you ACP it sends you an e-mail and it looks for your IP. If they don't match then they aren't allowed in. It's called Admin Firewall, here's the link:

https://vborg.vbsupport.ru/showthread.php?t=296383

snakes1100
09-02-2013, 04:28 PM
Folder name & config file only.

You should also apply htaccess to the admin/mod folders.

Bubble #5
09-02-2013, 04:38 PM
You should also apply htaccess to the admin/mod folders.

OK thanks snakes1100, appreciate the help, I forgot what they called it. I'm sure someone has written up a tutorial on how to do this. I've been meaning to apply htaccess for a while now and just keep forgetting about it. This thread was a nice reminder :)

snakes1100
09-02-2013, 04:40 PM
If you have cpanel or plesk, there is a simple link in them to apply it to a folder.