View Full Version : Securing vBulletin Question
COOLORANGEFREEZ
07-14-2018, 03:11 AM
Looking into securing the vBulletin as much as possible and one of the things to do (recommended) was:
1.) Make sure the getadmin.php file is nowhere on the website.
What does this mean, where to find it and what to do to secure this?
Thanks for your knowledge
Bit of a vague recommendation but they tell you to make sure that no such file exists in the root of your website. For example if your site is example.com, it should not exist at example.com/getadmin.php.
COOLORANGEFREEZ
07-14-2018, 08:40 PM
I typed in the front page and the actual forum as well and added /getadmin.php to both and came up with 404 errors. That seems like a good thing.
I didn't do any changes to the getadmin.php though so still not sure that aspect is secure.
I will have to learn about this more.
I'm assuming someone could somehow exploit this and take over the admin control of the forum?
Thanks for your help.
Apparently "getadmin.php" is a script to set a specific username to the administrator usergroup. But I think it's very old since it does not exist in the latest vBulletin 3 installation files.
I don't think you have to worry about it.
COOLORANGEFREEZ
07-15-2018, 01:32 AM
Thanks for that information. I'm moving on to create passwords for directories.
socialteenz
07-15-2018, 04:33 AM
Thanks for that information. I'm moving on to create passwords for directories.
Only the admincp and modcp should be password protected not all of them.
COOLORANGEFREEZ
07-16-2018, 12:45 PM
Thanks for that. Will complete in that way.
vBulletin® v3.8.12 by vBS, Copyright ©2000-2024, vBulletin Solutions Inc.