vb.org Archive
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   How to stop this hacker? (https://vborg.vbsupport.ru/showthread.php?t=213467)

Sajeth 05-10-2010 11:53 AM
Quote:
Originally Posted by desitracker (Post 2028702)
Add 256 Bit Protection From Your Hosting Services..
It's A Payment Service...u Will Pay About 70 Dollars Per Year..

Note That Then Ur 100% Protected:)
Thats All
Then U Can Install All What U Want..
Thats one of the most useless posts I've ever seen in this forum - SSL doesn't protect you from Exploits, leaked Passwords or human stupidity.

Speysider 05-10-2010 04:14 PM
Quote:
Originally Posted by desitracker (Post 2028702)
Add 256 Bit Protection From Your Hosting Services...
Please do NOT spread such false information here. How the hell is adding 256-Bit protection going to stop hackers??

Please think before posting if you actually know what you are talking about.

Naan-Kadavul 07-08-2010 10:28 AM
Too much modifications..check with that.

Skydiver10 07-12-2010 09:04 PM
You can have as many mods as you want! I have over 25 mods on my forum!

But, to protect your files and database from this pest, all you need to create a .htacces file and a .htpasswd in the "ADMIN directory on your server! This will create another password for anyone to access the entire directory. Do the same for your "INCLUDES" directory and "INSTALL" directory. I had the same problem you did and this completely closes all back doors and prevents anyone accessing your shit!

Make sure you use a different username and password than the ones you use to access the admin control panel via the forums. Also encrypt the password with the link below.

Instruction are here:
http://www.phpfusion-mods.net/articl...?article_id=23

Password generator here:
http://www.htaccesstools.com/htpasswd-generator/

It will take some time for you to create these files and make them work properly by using the full path - AuthUserFile /full/path/to/.htpasswd

Once you get it all working correctly a window pops up asking you to enter the username and password when accessing these directories. No one will be able to do any changes accept for you and who ever has the htaccess username and password.

Good luck!

BirdOPrey5 07-12-2010 09:57 PM
If you password protect your includes directory won't that stop everyone from being able to view the site? Many functions make calls to the includes directory, no?

Skydiver10 07-12-2010 11:23 PM
Nope, have been doing it since last year, no problem. Includes folder is mostly admin functions. Also this site vb.org and VB's other site do the same!

Brandon_R 07-12-2010 11:58 PM
It stops HTTP access from viewing the directory, not PHP from including the files and running them.

Skydiver10 07-13-2010 12:03 AM
That sounds correct.....:)

BirdOPrey5 07-13-2010 12:59 AM
Quote:
Originally Posted by Brandon_R (Post 2068311)
It stops HTTP access from viewing the directory, not PHP from including the files and running them.
Well that doesn't sound like it would do much to stop hackers then- if they can't browse the directory due to the presence of an index file or server config how would adding a password to the includes directory help if files can still be accessed via php?

Skydiver10 07-13-2010 01:14 AM
Do some research on .htaccess files, does in fact stop anyone from writing, accessing, etc., that is not authorized through htaccess files. No way to get to the directories that have these files, not even the spiders or crawlers because they are completely protected from htaccess... period. Unless someone has your server or FTP client password and can bypass them by deleting them or altering them. Other than that it is almost impossible since the htacces file catches them with a password requirement while surfing to those directories.


All times are GMT. The time now is 11:19 AM.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01064 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete