vBulletin you use is very risky


winky8300
08-12-2013, 04:27 PM
hello

My forum database has been displaying an error for a week, showing:
'mybdd_db' has exceeded the 'max_user_connections' resource (current value: 150) and''
After first consulting my host's support, I am copying their answers here.

1st answer:

Hello,

We completely removed the limit on the database to determine if the problem is the limit or not.

2nd response

Hello,

We put your script under surveillance, and it looks like someone is having fun trying SQL injection attacks on your vBulletin script. For example, here are some of the detected attacks:

# # # # # # # # # # # #
Database error in vBulletin 4.2.1:

Invalid SQL:
Attack 1: SELECT * FROM WHERE userregcode userregemail ='' & cat / etc / passwd &'';
Attack 2: SELECT * FROM WHERE userregcode userregemail = '% sample 40email.tst' and (sleep (4) +1) limit 1 -;
Attack 3: SELECT * FROM WHERE userregcode userregemail & dir ='' &'';
Attack 4: SELECT * FROM WHERE userregcode userregemail'' = "\ \") |] * {<> ';
# # # # # # # # # # # #

It is therefore clear that the vBulletin version you are using is very risky; you should update as soon as possible to close this type of SQL injection vulnerability.

What should I do to secure my vBulletin?

PS: my vBulletin is up to date, 4.2.1

thanks

Zachery
08-12-2013, 04:29 PM
You have no third party addons or modifications?

Snowhog
08-12-2013, 04:30 PM
Seriously consider installing ZBBlock. http://www.spambotsecurity.com/

Zachery
08-12-2013, 04:30 PM
Yes, more third party addons will fix the problem :rolleyes:

winky8300
08-12-2013, 04:33 PM
After telling them that my vBulletin is up to date,
here is their answer:

Hello,

It is quite possible that it comes from a module or addon that is not kept up to date; the cause is not necessarily vBulletin itself.

--------------- Added 1376329162 at 1376329162 ---------------

You have no third party addons or modifications?

hello

I have several addons and modifications; I do not know which one is the cause.

Zachery
08-12-2013, 04:50 PM
You should disable them all, and wait to see if the issue persists.

winky8300
08-12-2013, 04:53 PM
You should disable them all, and wait to see if the issue persists.

thank you for your reply

Can we not identify the flaw from this?


Invalid SQL:
Attack 1: SELECT * FROM WHERE userregcode userregemail ='' & cat / etc / passwd &'';
Attack 2: SELECT * FROM WHERE userregcode userregemail = '% sample 40email.tst' and (sleep (4) +1) limit 1 -;
Attack 3: SELECT * FROM WHERE userregcode userregemail & dir ='' &'';
Attack 4: SELECT * FROM WHERE userregcode userregemail'' = "\ \") |] * {<> ';
# # # # # # # # # # # #


--------------- Added 1376330660 at 1376330660 ---------------

Seriously consider installing ZBBlock. http://www.spambotsecurity.com/

thanks,

Do you think installing ZBBlock would limit these SQL attacks?

Zachery
08-12-2013, 05:04 PM
I don't believe those are default queries.

winky8300
08-12-2013, 05:12 PM
It's probably an addon, but unfortunately I do not know which one.
Are there addons quarantined by vb.org?

Zachery
08-12-2013, 06:05 PM
Tons, you should disable all of your third party addons, then re-enable them one by one and figure out which is causing the errors. I suspect something with registration.

snakes1100
08-12-2013, 06:08 PM
If a hack/addon has a php file with that query in it, then disabling addons isn't going to stop them from accessing the file itself.

I doubt you have SSH access to your server, but if you do, you can use "grep" to search through your files quickly & easily.

Example:
grep -H -r "FROM WHERE userregcode userregemail" /home/username/public_html/

That will check all your files for that text in every folder below public_html

You can copy that to your host support & ask them to run it.
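
A variant of the search suggested above, as an added example that is not part of the original thread: it lists files that mention both `userregcode` and `userregemail` in any order and letter case, since the query text pasted from the host's report may not match the source file verbatim. The function names and the sample directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example. Lists PHP/XML/INC files under DIR that contain BOTH
# identifiers, in any order and any letter case.
# usage: find_query_sources DIR IDENT_A IDENT_B
find_query_sources() {
    fqs_dir=$1 fqs_a=$2 fqs_b=$3
    grep -rliF -- "$fqs_a" "$fqs_dir" 2>/dev/null |
    while IFS= read -r fqs_file; do
        case $fqs_file in
            *.php|*.xml|*.inc) ;;      # code and product files only
            *) continue ;;
        esac
        if grep -qiF -- "$fqs_b" "$fqs_file"; then
            printf '%s\n' "$fqs_file"
        fi
    done
}

# Builds a small CONSTRUCTED tree to run the search against (not real addon code).
make_demo_tree() {
    demo_root=$(mktemp -d)
    mkdir -p "$demo_root/includes"
    cat > "$demo_root/includes/verify_email.php" <<'EOF'
<?php
// constructed: user input concatenated straight into the query
$row = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "userregcode
    WHERE userregemail = '" . $_POST['email'] . "'");
EOF
    echo '<?php // constructed: mentions userregcode only' > "$demo_root/register.php"
    echo 'userregcode userregemail' > "$demo_root/notes.txt"
    printf '%s\n' "$demo_root"
}

demo=$(make_demo_tree)
find_query_sources "$demo" userregcode userregemail |
while IFS= read -r hit; do
    # show the matching lines with line numbers for review
    grep -niF -e userregcode -e userregemail "$hit" /dev/null
done
rm -rf "$demo"
```

On the server, the call would be `find_query_sources /home/username/public_html userregcode userregemail`; any file it lists is worth reviewing for user input concatenated into the query string.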

BirdOPrey5
01-09-2014, 11:42 AM
This was from the Verify Email Before Registration mod that was recently quarantined, then fixed by the author - https://vborg.vbsupport.ru/showthread.php?t=294164

Be sure you run the latest version.