So now that I was hacked again and files are being destroyed, I need help fixing the problems.

Errors in all global.php's are there, pointing to the same EXACT line...

eval($optionstemp[template]);

HELP!

EDIT EDIT EDIT!

I meant to put this in Support......

Link just run a full clean install again... just redownload files from your vb user cp... sorry to hear about the hacking...

g-force2k2

Clean install....... goddamnit. This would be my 4th damned clean install in about a month. I am sick of this bull++++. Feel like I should just shut the damned thing down.

How is your site being hacked?

why don't you just restrict the admin cp so that no user can become and administrator and that no user can access the control panel except you?

g-force2k2

Originally posted by Erwin
How is your site being hacked? That *is* the critical question. If you are being hacked through your server then nothing you do with vB withh help stop this.

ic smachol lets hope not...

else it might just mean its time for a new host...

g-force2k2

I wouldn't really know how I am being hacked. But you know what? Even though my admin CP is crippled and non-accessible, I used the nifty admin-logs through phpMyAdmin and got the stupid IP address.

But I am wondering if there is anyway to fix the problems that the hacker caused......

Unfortunetly, I had left debug on while doing some hacks and of course the hacker took out all of the settings (almost). The setting table is left with 41 rows. While I can fix that, I want to know how to fix the file errors. BTW, I also have the admin log table stored right on my harddrive showing the hacker deleting setting groups and banning me (which I unbanned myself, but I can't do anything with a crippled admin CP) with the dateline and his IP Address.

if the hacker was trying to cripple through the admin cp then he must've just hacked the forums then... if thats they case the just define yourself as the only person able to access admin cp... ;) and restrict the setting.php file... just some ideas of course...

g-force2k2

Originally posted by Link14716
Unfortunetly, I had left debug on while doing some hacks and of course the hacker took out all of the settings (almost). That's a security risk as you probably have figured out by now.

How do you restrict the setting.php file?

Originally posted by g-force2k2
if the hacker was trying to cripple through the admin cp then he must've just hacked the forums then... if thats they case the just define yourself as the only person able to access admin cp... ;) and restrict the setting.php file... just some ideas of course...

g-force2k2

Originally posted by Boofo
How do you restrict the setting.php file?

Its allready protected by:

cpheader();

So only admins can use it, you could of course restrict it to a specified userid:

if ($bbuserinfo[userid]!=1) {
exit;
}

After cpheader(); so that the script exits if you don't have the userid 1.

The safest option though is to put the entire admin directory behind a .htaccess block and uses a different username / password combo then you do for your forums.

Originally posted by smachol
That's a security risk as you probably have figured out by now.
I have always know that it was a security risk, I used it mostly to add templates into the global set.

I can get back my settings, but don't get these errors......

Parse error: parse error, expecting `T_VARIABLE' or `'$'' in /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code on line 1

Warning: Cannot add header information - headers already sent by (output started at /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code:1) in /home/sites/site68/web/forums/admin/functions.php on line 1628

Warning: Cannot add header information - headers already sent by (output started at /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code:1) in /home/sites/site68/web/forums/admin/functions.php on line 1628

Warning: Cannot add header information - headers already sent by (output started at /home/sites/site68/web/forums/admin/global.php(125) : eval()'d code:1) in /home/sites/site68/web/forums/admin/functions.php on line 1628

Every other page has that on it, with the global.php, and I am wondering if when I get my settings back from the grave if it'll fix......

Make sure there is no white space at the end of functions.php after the ?>

If only it were that easy...

The global.php line:
eval($optionstemp[template]);

functions.php line 1628:
setcookie($name, $value, $expire, $cookiepath, $cookiedomain, $secure);

Change this:

eval($optionstemp[template]);


to this:

eval($optionstemp['template']);

Once again..... if only it were that easy.... I tried it and still get the exact same error in all 3 global.php and function.php's

BTW, I got the settings up, but it still has same error, nthing has changed. I am going to go ahead and ban the corrupt admin so I don't have to deal with his ass whining and +++++ing...

Send me your global and functions files...

And how would I do this on a Linux server? I know absolutely nothing about .htaccess. :)

Originally posted by NTLDR


The safest option though is to put the entire admin directory behind a .htaccess block and uses a different username / password combo then you do for your forums.

Firstly, create a file inside you admin directory called .htaccess with the following content:

AuthUserFile path-to-admin-dir/.htpasswd
AuthName "vBulletin Administrator Control Panel"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

Change path-to-admin-dir to the path to the admin directory on the server, and then create a file called .htpasswd and visit: http://www.xs4all.nl/~remcovz/htpasswd.html to generate what you should put in this file.

You will then be prompted with a popup security box that you have to enter the username and password before any files in the admin directory can be viewed.

Would the path to the admin dir just be "admin" then?

Originally posted by NTLDR
Firstly, create a file inside you admin directory called .htaccess with the following content:

AuthUserFile path-to-admin-dir/.htpasswd
AuthName "vBulletin Administrator Control Panel"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

Change path-to-admin-dir to the path to the admin directory on the server, and then create a file called .htpasswd and visit: http://www.xs4all.nl/~remcovz/htpasswd.html to generate what you should put in this file.

You will then be prompted with a popup security box that you have to enter the username and password before any files in the admin directory can be viewed.

No, it needs to be the full path on the server, if you don't know that path, visit member2.php in your forums directory, this will give you a fatal error and the path to member2.php.

If you replace member2.php with admin thats the path to the admin directory ;)

I tried that and all I got was a blank page with the word "done" in the status bar. :)

Would it be the same path as for my FTP?

Originally posted by NTLDR
No, it needs to be the full path on the server, if you don't know that path, visit member2.php in your forums directory, this will give you a fatal error and the path to member2.php.

If you replace member2.php with admin thats the path to the admin directory ;)

Ahhh... never leave your debug on ever...

Originally posted by Boofo
I tried that and all I got was a blank page with the word "done" in the status bar. :)

Would it be the same path as for my FTP?

They must have changed it since 2.2.4 :(

This should work, visit admin/index.php?action=phpinfo and search for DOCUMENT_ROOT that gives the path to the root of your domain, ie www.yoursite.com, then just add the path to the forums admin after it, eg /forums/admin

LOL This just isn't my day. :)

It tells me NO Value on that. :)

Will this work?

http://www.bearfacts2.com/forum/admin?

how about this.
at the end of the first line of one of the index.php's, add some random characters. Upload it and run it. It will give you the path to the file

Bingo! At first, I did as you suggested and added random characters to the end of the <?php line but the page still loaded fine. I then replaced the <?php line with random characters and and it gave me the error and the path I needed. Thanks for the help. I should have known that. DOHHH!!!

Now, how do I go about setting up .htaccess for the main forums dir without having to password it (do stop anyone from downloading any php files and stuff like that)?

I think using .htaccess to protect /admin is working.
My website was hacked recently
Even I change my administrator's password can not stop the hacker login in.
I has checked my server ( include Apache's Log & DNS ) , no error can be find.
And finial I find hacker was login into /admin using my account & password.
After changed my password at lease 5 times , i decided to using .htaccess file at /admin directory.

ps. 1. I find some website discuss crack vbb at China website .... like below

http://www.enet.com.cn/esafe/inforcenter/A20040720326189.html

2. Suddenly I find one thing , even the hacker can not login into /admin , but he still can login into system to delete mass post .... and do anything he want to do ...... :angry::angry::angry::angry:

I think using .htaccess to protect /admin is working.
My website was hacked recently
Even I change my administrator's password can not stop the hacker login in.
I has checked my server ( include Apache's Log & DNS ) , no error can be find.
And finial I find hacker was login into /admin using my account & password.
After changed my password at lease 5 times , i decided to using .htaccess file at /admin directory.

ps. 1. I find some website discuss crack vbb at China website .... like below

http://www.enet.com.cn/esafe/inforcenter/A20040720326189.html

2. Suddenly I find one thing , even the hacker can not login into /admin , but he still can login into system to delete mass post .... and do anything he want to do ...... :angry::angry::angry::angry:
This is a very very very old thread, i (think) i repllied to your thread at vBulletin.com. >.>