I know this is the wrong sort of hack for the forum, but i wondered if anyone knows how i can stop or at least trace (ip address) hackers that get into our forum with admin permissions or more recently access our web host using FTP and modify our php scripts sometimes deleting critical lines of code, we have just lost our members online stats on the front page and i have found the lines that were deleted and restored them but it is very time consuming to check everything and find the damaged script files

If anyone knows of any relevant hacks that would make our BB more secure or alert me to unauthorised access (especially FTP access to our web space!) then can you please let me know

Cheers

PS if i have posted this in the wrong forum please move it to the appropriate forum

Change the passwords! :)

.htaccess password-protect your /admin subdirectory.

.htaccess password-protect phpMyAdmin.

How do these guys get admin access??? Make it so that only you can access the admin cp - install an admin security hack that you can find in Full Releases.

Thanks for the help, all i have to do is find out how to do them!! (shouldnt be too difficult though),

I'm not at all sure how its being done, but i think the scripts are being modified directly rather than using the control panel, the logs are only accessible by me and i'm the only one that can change them and i am seeing wuite a few IP's that i dont recognise but nothing malicious is being done through the CPanel according to the logs

Its very strange!!

Ban those IPs if you are certain they are malicious.

Get your host to check the server logs, or do it yourself if it's your server.

Change your FTP username and password!!! And your site Admin CP username and password!!! Tell your host!!! :)

Problem with changing the FTP user name and PW is that a lot of parts of the site are run by helpers that need access to do their bit to help (i dont have enough time to do it all) so the security can never be 100%, I know this is a security flaw, bit there's not much i can think of that can be dont to trace ftp access into the site?

IP banning doesnt seem to work because most technical people know how to change their ip address with in a couple of minutes if they need to

Its on a shared server, not sure if we have access to any access logs, i will check into that

cheers

Remember you have an Admin Log in the ACP too, which records everything that happens in there and logs the IP too :D

Shared servers are intrinsically insecure, for various reasons.

That is very dangerous, sharing your FTP access with others. :) I keep mine top secret, with only me with access.

If you share your FTP access, and if you insist in not changing your password, then no one can help you stop your site from being hacked again and again, since someone out there knows the password obviously.

Originally posted by Erwin
Shared servers are intrinsically insecure, for various reasons.

That is very dangerous, sharing your FTP access with others. :) I keep mine top secret, with only me with access.

If you share your FTP access, and if you insist in not changing your password, then no one can help you stop your site from being hacked again and again, since someone out there knows the password obviously.

Could'nt have said it better myself, if you want your site protected, Noone but you should have access to any admin or ftp info :smoke: